SSL certificate errors adding smart proxy

Hi all,

I’m having an issue with adding a smart proxy. I am trying to attach to our external DNS solution and we have obtained and installed a certificated signed and validated by a CA (Identrust). I can see that openssl s_client -connect shows the certificate as valid and it works if I connect using a web browser as well. Typically, chain certificates are not needed with this CA, but in this case the DNS solution is serving up the correct chain certificates as well, yet Foreman is still not recognizing them and I get the error:

Unable to communicate with the proxy: ERF12-2530 [ProxyAPI::ProxyException]: Unable to detect features ([RestClient::SSLCertificateNotVerified]: SSL_connect returned=1 errno=0 state=error: certificate verify failed) for proxy
Please check the proxy is configured and running on the host.

This looks to be an underlying rails issue. What do I need to do to get my system to trust this certificate/CA like openssl does?

Long shot, SSL is not my area, but is Troubleshooting - Foreman of any use?

That did it. I had to point the config towards the certificate bundle outlined there instead of the puppet CA

1 Like

A post was split to a new topic: SSL Errors with proxy and installer