Hi, I am facing the same situation. Did you find a solution to the problem?
otherwise... bump... Cheers, Jörg Am Mittwoch, 1. Juli 2015 20:08:52 UTC+2 schrieb Peter Berghold: > > I've got Docker running on one of my Puppet managed hosts and I'm trying > to connect Foreman to it. I noticed in the Docker documentation they > suggest using a self signed SSL cert which I rejected since I'm sure > Foreman would complain about not being able to validate the CA. > > So, I got "clever" and decided to reuse the Puppet cert and CA files > thusly: > > DOCKER_OPTS="--tlsverify --tlscacert=/var/lib/puppet/ssl/certs/ca.pem > --tlscert=/var/lib/puppet/ssl/certs/mcadprod3.mca.sharkrivertech.com.pem > --tlskey=/var/lib/puppet/ssl/private_keys/mcadprod3.mca.sharkrivertech.com.pem > > -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock -d" > > I then tried to connect to the host and got this as an error: > > Error connecting with the compute resource: *Unable to verify > certificate, please set `Excon.defaults[:ssl_ca_path] = path_to_certs`, > `ENV['SSL_CERT_DIR'] = path_to_certs`, `Excon.defaults[:ssl_ca_file] = > path_to_file`, `ENV['SSL_CERT_FILE'] = path_to_file`, > `Excon.defaults[:ssl_verify_callback] = callback` (see > OpenSSL::SSL::SSLContext#verify_callback), or > `Excon.defaults[:ssl_verify_peer] = false` (less secure).* > > *So my questions are:* > *1) who is complaining here? Docker or Foreman and where do those values > get set?* > > *2) Why wouldn't using the Puppet certs work?* > > *anybody got an idea about this?* > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
