I get the following error in a recipe:
remote_file("my-script.ps1") do provider Chef::Provider::RemoteFile action "create" retries 0 retry_delay 2 default_guard_interpreter :default path "my-script.ps1" backup 5 atomic_update true source ["https://myrepo.internal.local/dev/Chef/raw/master/src/BLD/Chef.BLD/Recipes/my-script.ps1"] use_etag true use_last_modified true declared_type :remote_file cookbook_name "windows" recipe_name "runmyscript" end
[2015-05-19T08:34:04+01:00] INFO: Running queued delayed notifications before re-raising exception
[2015-05-19T08:34:04+01:00] ERROR: Running exception handlers
Running handlers complete
[2015-05-19T08:34:04+01:00] ERROR: Exception handlers complete
[2015-05-19T08:34:04+01:00] FATAL: Stacktrace dumped to c:/chef/cache/chef-stacktrace.out
Chef Client failed. 2 resources updated in 29.838761 seconds
[2015-05-19T08:34:04+01:00] FATAL: OpenSSL::SSL::SSLError: remote_file[my-script.ps1] (windows::runmyscript line
8) had an error: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
The source uses a valid certificate (not self-signed) and I have put the pem files (full cert chain) under /opt/chef-server/embedded/ssl/certs on my chef server.
How do I get the chef-client to use them?
This message is intended only for the use of the person(s) (“Intended Recipient”) to whom it is addressed. It may contain information which is privileged and confidential. Accordingly any dissemination, distribution, copying or other use of this message or any of its content by any person other than the Intended Recipient may constitute a breach of civil or criminal law and is strictly prohibited. If you are not the Intended Recipient, please contact the sender as soon as possible.
Totaljobs Group Limited Registered Office: Bluefin Building, 110 Southwark Street, London, SE1 0TA, UK Registered in England and Wales under company no. 4269861