search

chef / effortless

Automated best practices for Chef Infra and Chef InSpec
https://chef.io
Apache License 2.0
33 stars 38 forks source link

SSL cacerts wrapper #184

Open drakoswraith opened 4 years ago

drakoswraith commented 4 years ago

Description

Per my success engineer (Stephen Wise), i'm opening this for tracking purposes for SSL cacerts wrapping

Scaffolding Version

0.16.0 of this repo

Platform Version

Running Habitat studio on Windows 10 (1803)

Replication Case

Executing a build in a Windows Habitat Studio (no docker), failed due to validation of SSL while connecting to a on-prem artifactory instance during the InSpec step of the scaffolding, which requires a DigiCert intermediate CA cert. The cert needed is present in the .chef folder, and the system certificate store. Resolved by creating custom cacert package, and adding wrapper to the effortless package for the SSL_CERT_FILE variable.

Build or Run Output

(did not save the entire run) SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)

TheLunaticScripter commented 4 years ago

@drakoswraith Thank you for opening this.