Reputation: 704
Chef : knife.rb ignores ssl_verify_mode :verify_none when bootstrapping a node
I am trying to bootstrap a node from chef workstation. I have everything configured, and also the knife client list returns the name of the validator. However, when I bootstrap a node, I get the following error
ERROR: SSL Validation failure connecting to host: XXX.XXX.XXX - hostname XXX.XXX.XXX does not match the server certificate
Although I have configured the knife.rb and added the line
ssl_verify_mode :verify_none.
The chef server and workstation don't have domain names; only IPs.
Is there a way to work around the SSL check?
Upvotes: 2
Views: 3826
Answers (2)
Reputation: 69
There is a syntax error in Tensibai response. It should be --node-ssl-verify-mode none (lowercase)
Upvotes: 0
Reputation: 15784
I'm unsure the knife.rb parameter is used for bootstrapping.
There's a --node-ssl-verify-mode NONE for the knife bootstrap command, which will set the ssl_verify_mode parameter to :verify_none on the node bootstrapped.
But really, configure a DNS system; you'll have another load of problems using IP as nginx won't be able to properly route the requests without a hostname defined.
Upvotes: 2
Related Questions
- Unable to bootstrap a node from chef workstation
- Why does Chef throw SSL error when using knife Command on Chef-Workstation?
- Chef node configuration issue with knife bootstrap- can't authenticate with server
- ssl validation error coming while doing chef client setup
- chef SSL Validation failure connecting to host after Chef Development Kit installation
- SSL validation failure - knife ec2 with chef 12
- Chef and Knife to bootstrap ec2 - OpenSSL::PKey::RSAError: private key needed.: no start line
- Running Knife with --node-name tries to authenticate with that node_name
- unable to ssl connect to chef-server from chef-workstation
- SSLError while trying to create EC2 server with knife