Fatal编程技术网
  • openssl/
  • Openssl 托管厨师的SSL问题(12)(Windows)

Openssl 托管厨师的SSL问题(12)(Windows)

openssl chef-infra

Openssl 托管厨师的SSL问题(12)(Windows),openssl,chef-infra,knife,Openssl,Chef Infra,Knife,我正在尝试设置chef-client以与来自Opscode的托管chef(v12)对话,但遇到了SSL问题。我尝试了网络和stackOverflow上的所有建议(包括“ssl fetch”和添加“ssl\u verify\u mode:none”),但没有任何效果。我正在运行Windows7。我还尝试在knife.rb中的路径中切换/with\但仍然无法工作 这是我运行knife ssl fetch和knife ssl check PS C:\Users\me\chef-repo> kni

我正在尝试设置
chef-client
以与来自Opscode的托管chef(v12)对话,但遇到了SSL问题。我尝试了网络和stackOverflow上的所有建议(包括“
ssl fetch
”和添加“
ssl\u verify\u mode:none
”),但没有任何效果。我正在运行Windows7。我还尝试在knife.rb中的路径中切换/with\但仍然无法工作

这是我运行
knife ssl fetch
knife ssl check

PS C:\Users\me\chef-repo> knife ssl fetch
WARNING: Certificates from api.chef.io will be fetched and placed in your trusted_cert
directory (c:\users\me\chef-repo\.chef\trusted_certs).

Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.

Adding certificate for *.opscode.com in c:\users\me\chef-repo\.chef\trusted_certs/wildcard_opscode_com.crt
Adding certificate for DigiCert SHA2 Secure Server CA in c:\users\me\chef-repo\.chef\trusted_certs/DigiCert_SHA2_S
ecure_Server_CA.crt



PS C:\Users\me\chef-repo> knife ssl check
Connecting to host api.chef.io:443
ERROR: The SSL certificate of api.chef.io could not be verified
Certificate issuer data: /C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA

Configuration Info:

OpenSSL Configuration:
* Version: OpenSSL 1.0.1l 15 Jan 2015
* Certificate file: C:/projects/openssl/knap-build/var/knapsack/software/x86-windows/openssl/1.0.1p/ssl/cert.pem
* Certificate directory: C:/projects/openssl/knap-build/var/knapsack/software/x86-windows/openssl/1.0.1p/ssl/certs
Chef SSL Configuration:
* ssl_ca_path: nil
* ssl_ca_file: "C:/opscode/chefdk/embedded/ssl/certs/cacert.pem"
* trusted_certs_dir: "c:\\users\\me\\chef-repo\\.chef\\trusted_certs"

TO FIX THIS ERROR:

If the server you are connecting to uses a self-signed certificate, you must
configure chef to trust that server's certificate.

By default, the certificate is stored in the following location on the host
where your chef-server runs:

  /var/opt/opscode/nginx/ca/SERVER_HOSTNAME.crt

Copy that file to your trusted_certs_dir (currently: c:\users\me\chef-repo\.chef\trusted_certs)
using SSH/SCP or some other secure method, then re-run this command to confirm
that the server's certificate is now trusted.

PS C:\Users\me\chef-repo>
我不确定“OpenSSL配置”输出是什么意思,但我的机器上没有任何C:project目录(在证书文件/dir中提到)。这可能是问题所在吗?我怎样才能修好它

啊,我刚才碰到这个错误。我想你可能错过了Ruby本身的证书

简短的版本是,你需要升级证书,并在一天内通知它。请看以下指南之一:

  • 刀取
  • 下载
  • 将证书放入.chef/trusted\u证书
    • Stack Overflow是一个关于编程和开发问题的网站。这个问题似乎离题了,因为它与编程或开发无关。请参见帮助中心中的。也许或者会是一个更好的提问的地方。另见。