I’m having an issue with adding a smart proxy. I am trying to attach to our external DNS solution and we have obtained and installed a certificated signed and validated by a CA (Identrust). I can see that openssl s_client -connect shows the certificate as valid and it works if I connect using a web browser as well. Typically, chain certificates are not needed with this CA, but in this case the DNS solution is serving up the correct chain certificates as well, yet Foreman is still not recognizing them and I get the error:
Unable to communicate with the proxy: ERF12-2530 [ProxyAPI::ProxyException]: Unable to detect features ([RestClient::SSLCertificateNotVerified]: SSL_connect returned=1 errno=0 state=error: certificate verify failed) for proxy https://ourdnssolution.example.com/features Please check the proxy is configured and running on the host.
This looks to be an underlying rails issue. What do I need to do to get my system to trust this certificate/CA like openssl does?