Search code examples
chef-infraberkshelftest-kitchen

Berks install SSL_Connect Certification Verify failed (Faraday:SSLError)

As part of a cookbook(newbie) i am trying to write, i was using berks to install the dependencies from other cookbooks and eventually when i am running berks install, i am encountering certificate verification errors. Can any one help me to know what could be going wrong and how i could resolve this issue.Thank you

chef environment:

Chef Development Kit Version: 0.12.0 chef-client version: 12.8.1 berks version: 4.3.0 kitchen version: 1.6.0

berkshelf

berks -v 4.3.0

berks install - Error

/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/ssl_socket.rb:46:in `connect': SSL_connect returned=1 errno=0 state=error: certificate verify failed (Faraday::SSLError)
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/ssl_socket.rb:46:in `ssl_connect'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/ssl_socket.rb:24:in `create_socket'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/session.rb:739:in `block in connect'
from /opt/chefdk/embedded/lib/ruby/2.1.0/timeout.rb:91:in `block in timeout'
from /opt/chefdk/embedded/lib/ruby/2.1.0/timeout.rb:101:in `call'
from /opt/chefdk/embedded/lib/ruby/2.1.0/timeout.rb:101:in `timeout'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/session.rb:735:in `connect'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/session.rb:497:in `query'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient/session.rb:170:in `query'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient.rb:1238:in `do_get_block'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.1/lib/httpclient.rb:1021:in `block in do_request'
from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.7.
Solution

  • chefdk is a collection of tools bundled up together, though you do not have to use it, i don't, and you can bundle them together yourself.

    i assume you have a Gemfile within your chef repository. if you don't, then you can easily create one by executing bundle init. now use the Gemfile to specify which version of berkshelf you would like to use. once you have it, execute bundle install. if everything goes smoothly, bundle exec berks configure should work for you. you can configure it not to use ssl, or just place ~/.berkshelf/config.json with the following content:

    {
  "ssl": {
    "verify": false
  }
}

    hope this will resolve your issue.