1. 技术文章
  2. Chef BERKSHELF3 proxy settings - Windows platform

Chef BERKSHELF3 proxy settings - Windows platform

我怕爱的太早我们不能终老 提交于 2019-11-28 02:19:28

问题


I just wanna know how to set proxy values(Url, user, password) for Berkshelf3 under windows platform when I launch the command >berks intall ?

  • I already try in cmd command:
    http_proxy='http://xx.xx.xx.xx'
    http_proxy_user=USERNAME
    http_proxy_pass=PASSWORD

  • The reamining issue:

    C:\chef-repo-distant\cookbooks\putty>berks install Resolving cookbook dependencies... Fetching 'putty' from source at . Fetching cookbook index from ttps://supermarket.getchef.com... C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certific ate verify failed (Faraday::SSLError) from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:inblock in connect' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/timeout.rb:66:in timeout' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:inconnect' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:862:in do_start' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:851:instart' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1367:in request' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1126:inget' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:78:in perform_request' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:39:incall' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/request/retry.rb:87:in call' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/response.rb:8:incall' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/response.rb:8:in call' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/rack_builder.rb:139:inbuild_response' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/connection.rb:377:in run_request' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/connection.rb:140:inget' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/berkshelf-api-client-1.2.0/lib/berkshelf/api_client/connection.rb:62:in universe' from c:/opscode/chefdk/embedded/apps/berkshelf/lib/berkshelf/source.rb:22:inbuild_universe' from c:/opscode/chefdk/embedded/apps/berkshelf/lib/berkshelf/installer.rb:21:in `block (2 levels) in build_universe'

Thanks for the support!

Try to follow all the fix I can find on the web but it didn't make it :(

I use "source 'ttp://api.berkshelf.com" in my Berksfile
And launch the command berks install in a powershell windows

WITHOUT the proxy set, I got: 

Error retrieving universe from source: ttp://api.berkshelf.com
  * [Berkshelf::APIClient::TimeoutError] Unable to connect to: ttp://api.berkshelf.com

WITH the proxy set, I got: 

Installing windows (1.34.2) from ttp://api.berkshelf.com ([opscode] ttp://supermarket.getchef.com/api/v1)
E, [2014-09-01T18:27:50.775682 #13104] ERROR -- : Actor crashed!
Faraday::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in `connect'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/timeout.rb:52:in `timeout'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in `connect'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:851:in `start'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1367:in `request'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1126:in `get'
        C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:78:in `perform
_request'

I'm desperate to solve this issue :(

Yeah, it works I'll have to add 3 certificates retrieve from IE to the cacert.pem !!! Great ;)
Thanks Tensibai ;)


回答1:


Your problem is here:

connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certific ate verify failed (Faraday::SSLError)

Your proxy is doing an interception on SSL traffic and use its own certificate to resign the distant site certificate.

So you have to add your proxy certificate into the cacerts.pem of your ruby install.

With a navigator show the proxy information of a ssl site and use 'copy to file' and chose base64 encoded x509 format.

Next edit this file to copy its content

Edit the cacert file (for chefdk according to you install it would be c:/opscode/chefdk/embedded/ssl/cacerts.pem

Paste your proxy certificate before the last one (to avoid messing with the end of file) and retry that should do the trick.

For some cases you have to setup the SSL_CERT_FILE env var:

set SSL_CERT_FILE=c:/opscode/chefdk/embedded/ssl/cacerts.pem

Source



来源:https://stackoverflow.com/questions/25604784/chef-berkshelf3-proxy-settings-windows-platform

标签
proxy
berkshelf
chef
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!