Hope someone can help me out with this.
On the Node:
I downloaded the certs from our private ca and copied them to /etc/pki/ca-trust/source/anchors
did an update-ca-trust
OpenSSL::SSL::SSLError: SSL Error connecting to https://chefdevserver.comt.net/organizations/nonprod-corp/nodes/node1 - SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get issuer certificate)
If I copy the certs from that location to /opt/chef/embedded/ssl/certs and rename it to cacerts.pem everything works.
This is not something I can do for every node I want to bootstrap. This would be a manual process.
How can I get chef to import the right certs?
Is there some where on the chef server I can put these certs that the node can grab it from?