无法在Windows 7上安装librarian-chef cookbook

时间:2014-09-25 15:56:38

标签: ruby chef cookbook librarian

我正在尝试在Windows提示符下安装librarian-chef个烹饪书。我已经使用gem install librarian-chef安装了librarian-chef。但是我收到了这个错误:

C:\Users\crmpicco\Documents\vagrant-chef-deploy>librarian-chef install
DL is deprecated, please use Fiddle
Installing iptables (0.14.0)
C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:918:in `connect': SSL_connect returned
=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (Ope
nSSL::SSL::SSLError)
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'

        from C:/Ruby200-x64/lib/ruby/2.0.0/timeout.rb:52:in `timeout'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:918:in `connect'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:851:in `start'

这是我配置的问题吗?

我的Cheffile:

#!/usr/bin/env ruby
#^syntax detection

site 'https://supermarket.getchef.com/api/v1'

# cookbook 'chef-client'

# cookbook 'apache2', '>= 1.0.0'

# cookbook 'rvm',
#   :git => 'https://github.com/fnichol/chef-rvm'

# cookbook 'postgresql',
#   :git => 'https://github.com/findsyou/cookbooks',
#   :ref => 'postgresql-improvements'


# Community cookbooks
#cookbook "apache2"
cookbook 'apache2', '~> 2.0.0'
cookbook "php"
#cookbook "yum"
#cookbook "ant"
cookbook "apt"
cookbook 'mysql', '~> 5.5.2'
cookbook "database"
cookbook "ssh_known_hosts"
cookbook "composer"
cookbook 'git', '~> 4.0.2'
cookbook 'varnish', '~> 0.9.18'
cookbook 'selinux', '~> 0.8.0'
cookbook 'hostsfile',
  :git => 'https://github.com/customink-webops/hostsfile'



cookbook "selenium", :git => 'https://github.com/kohkimakimoto/chef-cookbooks-selenium'

2 个答案:

答案 0 :(得分:4)

是的,该网站使用的是不受信任的HTTPS证书,而librarian-chef通过拒绝连接来做正确的事情。这很可能是因为您需要更新根信任数据库。通常,使用Ruby执行此操作的最简单方法是下载the cURL CA bundle,然后将环境变量SSL_CERT_FILE设置为指向您下载它的路径。我的windows-fu生锈了,但这应该会让你获得更新的CA列表。

答案 1 :(得分:0)

作为coderanger的答案的扩展,根据我的经验,您可能必须使用较旧的CA捆绑包。可以找到解释(和较旧的证书)here但是,您应该了解这样做的安全隐患。

  

2014年9月初,Mozilla从其CA捆绑中仍使用RSA 1024位密钥的证书中删除了信任位。这可能导致TLS库难以验证某些站点,如果所讨论的库没有正确支持路径发现"根据RFC 4158.(包括OpenSSL和GnuTLS。)