Workstation SSL Best Practice Documentation needed


#1

Hi,

I am trying to set my workstation using CA certificate.
My workstation is on my Ubuntu host and Chef Server is on AWS EC2 instance.

I have tried every documentation available to get the setup in place, though still get an error message the my certificate can’t be verified.

I have done: Knife ssl fetch and even tried to copy the crt under .chef/trusted_certs.

Can anyone assist?

Thanks!


#2

You should add (append) the CA certificate to two files (the locations are on CentOS, but are probably similar or the same on Ubuntu):

Chef client:

/opt/chef/embedded/ssl/certs/cacert.pem

Chef DK:

/opt/chefdk/embedded/ssl/certs/cacert.pem

You will need to do this every time the client or Chef DK is updated.

Kevin Keane
Whom the IT Pros Call
The NetTech
http://www.4nettech.com
Our values: Privacy, Liberty, Justice
See https://www.4nettech.com/corp/the-nettech-values.html