SSL Verify still failing with custom pem

Question

SSL Verify still failing with custom pem

Closed this issue a year ago · 2 comments

I'm getting an error of

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

Even when using a custom pem. In order to create this pem, I went to the chef server, found the .key and .crt used by nginx, catted them into a newfile.pem, and copied that to where I'm using chef-api. What more is necessary to get this working without turning sslverify off?

Answer 1 · 2016-09-24T21:07:22.000Z

Old issue, but I was able to fix this by turning off peer verification.

OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

However, Client.all hangs and doesn't complete. Ridley may be a better option for you.

Answer 2 · 2018-03-24T02:18:13.000Z

Ridley repo has been archived so that's not really an option anymore for longer term support.