0
votes

I just wanna know how to set proxy values(Url, user, password) for Berkshelf3 under windows platform when I launch the command >berks intall ?

  • I already try in cmd command:
    http_proxy='http://xx.xx.xx.xx'
    http_proxy_user=USERNAME
    http_proxy_pass=PASSWORD

  • The reamining issue:

    C:\chef-repo-distant\cookbooks\putty>berks install Resolving cookbook dependencies... Fetching 'putty' from source at . Fetching cookbook index from ttps://supermarket.getchef.com... C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certific ate verify failed (Faraday::SSLError) from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:inblock in connect' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/timeout.rb:66:in timeout' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:inconnect' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:862:in do_start' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:851:instart' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1367:in request' from C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1126:inget' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:78:in perform_request' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:39:incall' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/request/retry.rb:87:in call' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/response.rb:8:incall' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/response.rb:8:in call' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/rack_builder.rb:139:inbuild_response' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/connection.rb:377:in run_request' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/connection.rb:140:inget' from C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/berkshelf-api-client-1.2.0/lib/berkshelf/api_client/connection.rb:62:in universe' from c:/opscode/chefdk/embedded/apps/berkshelf/lib/berkshelf/source.rb:22:inbuild_universe' from c:/opscode/chefdk/embedded/apps/berkshelf/lib/berkshelf/installer.rb:21:in `block (2 levels) in build_universe'

Thanks for the support!


Try to follow all the fix I can find on the web but it didn't make it :(

I use "source 'ttp://api.berkshelf.com" in my Berksfile
And launch the command berks install in a powershell windows

WITHOUT the proxy set, I got:

Error retrieving universe from source: ttp://api.berkshelf.com
  * [Berkshelf::APIClient::TimeoutError] Unable to connect to: ttp://api.berkshelf.com

WITH the proxy set, I got:

Installing windows (1.34.2) from ttp://api.berkshelf.com ([opscode] ttp://supermarket.getchef.com/api/v1)
E, [2014-09-01T18:27:50.775682 #13104] ERROR -- : Actor crashed!
Faraday::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in `connect'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/timeout.rb:52:in `timeout'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:918:in `connect'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:851:in `start'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1367:in `request'
        C:/opscode/chefdk/embedded/lib/ruby/2.0.0/net/http.rb:1126:in `get'
        C:/opscode/chefdk/embedded/lib/ruby/gems/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:78:in `perform
_request'

I'm desperate to solve this issue :(


Yeah, it works I'll have to add 3 certificates retrieve from IE to the cacert.pem !!! Great ;)
Thanks Tensibai ;)

1

1 Answers

1
votes

Your problem is here:

connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certific ate verify failed (Faraday::SSLError)

Your proxy is doing an interception on SSL traffic and use its own certificate to resign the distant site certificate.

So you have to add your proxy certificate into the cacerts.pem of your ruby install.

With a navigator show the proxy information of a ssl site and use 'copy to file' and chose base64 encoded x509 format.

Next edit this file to copy its content

Edit the cacert file (for chefdk according to you install it would be c:/opscode/chefdk/embedded/ssl/cacerts.pem

Paste your proxy certificate before the last one (to avoid messing with the end of file) and retry that should do the trick.

For some cases you have to setup the SSL_CERT_FILE env var:

set SSL_CERT_FILE=c:/opscode/chefdk/embedded/ssl/cacerts.pem

Source