Hello,
I'm having some trouble bootstrapping windows machines because of this error on ssl certificates:
knife bootstrap windows winrm servername -E environment -x 'domain\user' -r 'role[xxx]'
INFO: *** Chef 12.15.19 ***
INFO: Platform: x64-mingw32
INFO: Chef-client pid: 2040
INFO: Client key C:\chef\client.pem is not present - registering
ERROR: SSL Validation failure connecting to host: mychefserver.domain.lcl - SSL_connect returned=1 errno=0 state=error: certificate verify failed
================================================================================
Chef encountered an error attempting to create the client "servername.domain.lcl"
================================================================================
Platform:
---------
x64-mingw32
ERROR: Running exception handlers
ERROR: Exception handlers complete
FATAL: Stacktrace dumped to c:/chef/cache/chef-stacktrace.out
FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
FATAL: OpenSSL::SSL::SSLError: SSL Error connecting to https://mychefserver.domain.lcl/organizations/org_name/clients - SSL_connect returned=1 errno=0 state=error: certificateverify failed
ERROR: Failed to execute command on servername return code 1
this error started when we upgraded to chefdk 0.19.6 from 0.15.16 (skipped the other versions between the two).
i think this is caused by chefdk not copying trusted certs to the bootrapped machine because the workaround to copy trusted_certs manually worked.
I expect to have the trusted cert folder copied from my local machine to the bootstrapped windows node.
here some additional details on versions:
working one:
> chef -v
Chef Development Kit Version: 0.15.16
chef-client version: 12.11.18
delivery version: master (444effdf9c81908795e88157f01cd667a6c43b5f)
berks version: 4.3.5
kitchen version: 1.10.0
> chef gem list knife-windows
*** LOCAL GEMS ***
knife-windows (1.7.0, 1.4.1)
not working one:
> chef -v
Chef Development Kit Version: 0.19.6
chef-client version: 12.15.19
delivery version: master (802e801d920ea6b6d48db735aa7c6e7a6194bea4)
berks version: 5.1.0
kitchen version: 1.13.2
> chef gem list knife-windows
*** LOCAL GEMS ***
knife-windows (1.7.0)
Hello, I'm having some trouble bootstrapping windows machines because of this error on ssl certificates:
this error started when we upgraded to chefdk 0.19.6 from 0.15.16 (skipped the other versions between the two). i think this is caused by chefdk not copying trusted certs to the bootrapped machine because the workaround to copy trusted_certs manually worked. I expect to have the trusted cert folder copied from my local machine to the bootstrapped windows node.
here some additional details on versions: working one:
not working one:
Thanks.