New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support certificates (insecure) for reporting to chef-visibility #150

Closed
vjeffrey opened this Issue Nov 8, 2016 · 4 comments

Comments

Projects
None yet
4 participants
@vjeffrey
Collaborator

vjeffrey commented Nov 8, 2016

Cookbook version

2.0

ERROR: SSL Validation failure connecting to host: lprsedifcha001v.int.asurion.com - SSL_connect returned=1 errno=0 state=error: certificate verify failed
ERROR: send_inspec_report: POSTing to https://lprsedifcha001v.int.asurion.com/data-collector/v0/ returned: SSL Error connecting to https://lprsedifcha001v.int.asurion.com/data-collector/v0/ - SSL_connect returned=1 errno=0 state=error: certificate verify failed

need to add insecure option for visibility

@vjeffrey

This comment has been minimized.

Collaborator

vjeffrey commented Nov 8, 2016

"we should document that SSL certs can/should be placed in /etc/chef/trusted_certs

*when using visibility" <-- from @jerryaldrichiii

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Nov 8, 2016

@chris-rock submitted PR #152 which handles this well @vjeffrey

@chris-rock

This comment has been minimized.

Collaborator

chris-rock commented Nov 8, 2016

We may should still allow users to enable insecure here:

http = Chef::HTTP.new(dc[:server_url])
as we do for chef-server
Chef::Config[:verify_api_cert] = false
Chef::Config[:ssl_verify_mode] = :verify_none

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Nov 8, 2016

Here is an attempt ^

Needs testing/vetting though. Let me know if I can help.

@cheeseplus cheeseplus closed this Apr 5, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment