I installed chef-dk and started using berkshelf, but berks failed to load

Question

I installed chef-dk and started using berkshelf, but berks failed to load

I have installed chef client 12.0.3 , on top of it I have installed chef-dk version 0.3.5 , but why chef-dk installs the version of chef client Chef: 11.18.0.rc.1

Unable to upload cookbooks to the chef's server
The berks shelf list is working, but berks loading failed

Error:

 E, [2015-01-08T04:58:36.707534 #22533] ERROR -- : Ridley::Errors::ClientError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed E, [2015-01-08T04:58:36.708931 #22533] ERROR -- : /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/responses.rb:29:in `value' /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/calls.rb:92:in `value' /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/proxies/sync_proxy.rb:33:in `method_missing' /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/proxies/cell_proxy.rb:17:in `_send_ There was an error connecting to the Chef Server

+6

chef berkshelf chefdk

user60679 Jan 08 '15 at 5:19

source share

4 answers

coderanger · Answer 1 · 2015-01-08T05:24:19+0000

It does not perform the SSL verification procedure. Follow these instructions to fix it for the knife. For berkshelf, you can disable SSL checking in config.json , or you can set $SSL_CERT_FILE to the downloaded server certificate.

Gilad sharaby · Answer 2 · 2017-01-01T16:15:14+0000

This is a problem with berks.
You can override the ssl check option in the berks configuration file:

 echo '{"ssl": { "verify": false }}' > ~/.berkshelf/config.json

Tensibai · Answer 3 · 2015-01-08T11:02:58+0000

Since I'm a big fan of bug fixes instead of fixing the symptom, here's what you can do to make sure that the SSL connection works with validation (with a bit more granularity than coderanger):

1) Get the server certificate and add it to the cacert.pem file of the chef-dk file

openssl s_client -showcerts -connect <YOUR_CHEF_SERVER>:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >> /opt/chefdk/embedded/ssl/certs/cacert.pem

2) set env variables for ssl libs:

export SSL_CERT_FILE=/opt/chefdk/embedded/ssl/certs/cacert.pem

Try downloading again and it should work.

Paul croarkin · Answer 4 · 2017-04-19T11:44:31+0000

You can also disable ssl checking on the command line:

 berks upload --no-ssl-verify

I installed chef-dk and started using berkshelf, but berks failed to load

More articles: