Chef 服务器(RHEL 6.5):11.16.4
Windows 端点:Windows 2008
引导通过 http (使用winrm config allowUnEncrypeted = true和basic auth = true)工作正常。
现在我们通过 https 尝试同样的事情(但使用basic auth = false和AllowUnEncrypted = false)
已生成自签名证书(使用私钥),并且我已经通过端口 443 验证了 telnet。
为了检查连通性,我从我的终端(Windows 7)运行以下命令,
winrs -r:https://<fqdn Of windows EP>:443 -u:administrator -p:password_1 ipconfig
在受信任的根认证机构下添加自签名证书后,它可以正常工作。
从 Chef 服务器引导时出错:
[root@v-ng25-rhel6u5-tpm722 ~]# knife bootstrap windows winrm v-ngibm71tpm7222k8.example.co.in -x Administrator -P 'password_1' -p 443
Waiting for remote response before bootstrap.at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
..at depth 0 - 18: self signed certificate
ERROR: No response received from remote node after 1.84 minutes, giving up.
ERROR: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
理想情况下,如果 winrs 命令有效,那么这个也应该有效。
非常感谢任何帮助/指点。