On Wednesday, June 18, 2014 12:14:21 AM UTC-5, Torsten Kleiber wrote: > > > > Am Dienstag, 17. Juni 2014 15:03:20 UTC+2 schrieb jcbollinger: > >> You mean you have set these in your puppet.conf or in your environment? >> If the former then which one (file system path) and which section? Are you >> running as root or as an unprivileged user? >> > > I run at the moment with root and have set it via export before the call. > After setting it now in puppet.conf, the error changes similar to curl > without -k: > puppet module install rtyler/jenkins --debug > Notice: Preparing to install into /etc/puppet/modules ... > Notice: Downloading from https://forgeapi.puppetlabs.com ... > Debug: HTTP GET > https://forgeapi.puppetlabs.com/v3/releases?module=rtyler-jenkins > <https://www.google.com/url?q=https%3A%2F%2Fforgeapi.puppetlabs.com%2Fv3%2Freleases%3Fmodule%3Drtyler-jenkins&sa=D&sntz=1&usg=AFQjCNHu-FqhQGWQIIlMLS_p0AJTBVu6Qw> > Error: Could not connect via HTTPS to https://forgeapi.puppetlabs.com > Unable to verify the SSL certificate > The certificate may not be signed by a valid CA > The CA bundle included with OpenSSL may not be valid or up to date > >
Well you don't really want to trust unverified certificates, certainly not in an automated way. It sounds like you may need to update your trusted certificate store with one or more new CA certificates. On a RedHat-family Linux, that probably means updating package "ca-certificates". For what it's worth, neither Firefox on Windows nor curl (without -k) on CentOS 6.5 complain to me about untrusted SSL certificates when I access that forge URL, and I haven't made any special accommodation for it. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/caf39dff-7544-4b4b-81de-d0dada0ae9d2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
