Function fails with self-signed certs
Closed this issue · 1 comments
This function does work with hosted chef.
However, with my chef server on EC2, I'm unable to get it to work.
Running in Debug mode works - so I know the kms en/decryption's working.
As documented, with VERIFY_SSL=False I get the error below:
{
"stackTrace": [
[
"/var/task/main.py",
74,
"handle",
"if len(search) != 0:"
],
[
"/var/task/chef/search.py",
83,
"len",
"return len(self.data['rows'])"
],
[
"/var/task/chef/search.py",
60,
"data",
"self._data = self.api[self.url]"
],
[
"/var/task/chef/api.py",
221,
"getitem",
"return self.api_request('GET', path)"
],
[
"/var/task/chef/api.py",
217,
"api_request",
"response = self.request(method, path, headers, data)"
],
[
"/var/task/chef/api.py",
204,
"request",
"raise ChefServerError(e.message)"
]
],
"errorType": "ChefServerError",
"errorMessage": "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)"
}
Setting VERIFY_SSL to True doesn't work either:
...
File "/var/task/chef/api.py", line 204, in request
raise ChefServerError(e.message)
ChefServerError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)