Its valid until 2024. I even tried to run a knife ssl fetch and received the following (no firewalls are on on any of the servers):
- Version: OpenSSL 1.0.1l 15 Jan 2015
- Certificate file: C:/projects/openssl/knap-build/var/knapsack/software/x86-win
- Certificate directory: C:/projects/openssl/knap-build/var/knapsack/software/x8
Chef SSL Configuration:
- ssl_ca_path: nil
- ssl_ca_file: “C:/opscode/chef/embedded/ssl/certs/cacert.pem”
- trusted_certs_dir: “C:/Users/codegenagent\.chef\trusted_certs”
TO FIX THIS ERROR:
If the server you are connecting to uses a self-signed certificate, you must
configure chef to trust that server’s certificate.
By default, the certificate is stored in the following location on the host
where your chef-server runs:
Copy that file to your trusted_certs_dir (currently: C:/Users/codegenagent.chef
using SSH/SCP or some other secure method, then re-run this command to confirm
that the server’s certificate is now trusted.
C:\Windows\system32>knife ssl fetch
WARNING: No knife configuration file found
WARNING: Certificates from localhost will be fetched and placed in your trusted_
Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.
ERROR: Network Error: No connection could be made because the target machine act
ively refused it. - connect(2)
Check your knife configuration and network settings