After I moved to a hosted version of the chef server, I started getting this problem with knife:
knife download environments ERROR: SSL Validation failure connecting to host: chef.yourdomain.com - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed ERROR: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
There are a couple of ways to fix this.
The short-term way is to ignore SSL on your knife.rb file with this setting:
The better and more long-term solution is to add this line to the knife.rb file:
And then run:
knife ssl fetch
I then had to ignore the trusted_certs file in my git repo.
Thanks to Matt Stratton and his colleagues at chef for helping me find the solution.