I encountered this issue while learning how to setup a Chef Server remotely. After installing Chef Server on a remote server, setting up Knife on my local workstation, I ran into the issue of having the wrong SSL certificate. The error on my computer looks like this:
$knife ssl check
Connecting to host remote.yjx.me:443
ERROR: The SSL cert is signed by a trusted authority but is not valid for the given hostname
ERROR: You are attempting to connect to: 'remote.yjx.me'
ERROR: The server's certificate belongs to 'remote.c.personal-172203.internal'
remote.yjx.me
is my chef_server_url
and where my Chef Server lives. However, the certificate signed points towards remote.c.personal-172203.internal
which is an internal name assigned by Google Cloud Platform (my remote hosting service).
A simple google leads me to checking out my hostname on my remote using the following command:
$hostname -f
remote.c.personal-172203.internal
The solution was to change it using the hostname
command and re-run chef reconfigure.
$sudo hostname remote.yjx.me
$chef-server-ctl reconfigure
$chef-server-ctl restart nginx
And now, knife pulls the correct certificate and finally, I can successfully authenticate with my Chef Server.