I am setting up a local virtual lab environment with VMWare workstation for Chef Server 12. Workstation and Chef server are reachable and pingable by FQDN’s but it seems when I do knife ssl fetch it pulls down localhost.crt instead of chefserver01.localdomain.crt as I would expect.
I have confirmed that the file is localhost.crt on the Chef server in /var/opt/opscode/nginx/ca/
I have tried renaming the files on the chef server and in the trusted certs locally on the workstation and doing a chef-server-ctl reconfigure and nginx reconfigure.
when I run
openssl x509 -in ./localhost.crt -noout -text
I see that the CN is set wrong
Subject: C=US, O=YouCorp, OU=Operations, CN=localhost
My question is why does this pull the wrong hostname for the chef server when I have set up all the settings? (these boxes are CentOS 7 btw). I have tried re-installing chef server and reconfiguring it again but still no change. Is there a way to fix these the CN in the .crt to the correct value? I checked the hashes etc. are also correct and have run knife ssl check at the same time that I was using the knife ssl fetch commands.
If I have missed any details let me know.
Any suggestions would be much appreciated. Thanks