Chef-DK fails with OpenSSL::SSL::SSLError: SSL_read: cert already in hash table

[bradwilliamson]

I am currently using ChefDK 0.10.0 and getting OpenSSL::SSL::SSLError: SSL_read: cert already in hash table when attempting to provision a server. It seems like the only thing I can do to resolve this is reboot the workstation or jenkins server I have ChefDK on. I have attached the stacktrace & below is the output in powershell. Knife ssl fetch doesn't seem to resolve anything. I do not get this error with knife cookbook upload or download. This is also Windows not linux.

chef-client -o 'cookbook::recipe' -c C:\chef-repo.chef\knife.rb

�[0m machines ["ChefSQLDBbatch1", "Chefwebbatch1"]
�[0mend
�[0m
�[0m[2016-01-27T15:05:58-06:00] WARN: Resource.dsl_name is deprecated and will be removed in Chef 13. Use resource_name instead. at C:/opscode/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-provisioning-1.5.0/lib/chef/resource/machine_batch.rb:53:in to_text' at C:/opscode/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1-universal-mingw32/lib/chef/event_dispatch/dispatcher.rb:38:incall'
[2016-01-27T15:05:58-06:00] INFO: Running queued delayed notifications before re-raising exception
[2016-01-27T15:05:58-06:00] ERROR: Running exception handlers
[2016-01-27T15:05:58-06:00] ERROR: Exception handlers complete
[2016-01-27T15:05:58-06:00] INFO: Sending resource update report (run-id: 5c26e86c-5df4-4b1d-bfe5-f695286833a7)

[2016-01-27T15:06:03-06:00] FATAL: Stacktrace dumped to C:/chef/cache/chef-stacktrace.out
[2016-01-27T15:06:03-06:00] FATAL: OpenSSL::SSL::SSLError: machine_batch[default](vsphere::newbatch1 line 95) had an error: OpenSSL::SSL::SSLError: SSL_read: cert already in hash table
Build step 'Windows PowerShell' marked build as failure
Finished: FAILURE

chef-stacktrace.txt

[jValdron]

I'm having the same issue, just thought I'd share my output:

chef-client -j test.json -o "recipe[recipes::provision]"

[2016-02-12T09:29:21-04:00]` INFO: Running queued delayed notifications before re-raising exception
Running handlers:
[2016-02-12T09:29:21-04:00] ERROR: Running exception handlers
Running handlers complete
[2016-02-12T09:29:21-04:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 02 minutes 57 seconds
[2016-02-12T09:29:21-04:00] FATAL: Stacktrace dumped to c:/chef/cache/chef-stacktrace.out
[2016-02-12T09:29:21-04:00] FATAL: OpenSSL::SSL::SSLError: machine_batch[default] (recipes::provision line 30) had a
n error: OpenSSL::SSL::SSLError: SSL_read: cert already in hash table

It always seems to throw that error at different places within my, rather large, recipe. Also, using ChefDK 0.10.0.

EDIT
I should mention that that was happening on Windows 2012 R2. I've just spun up a CentOS VM and the same recipe/config seems to be working fine under CentOS.

Also, seems related, if not the same, as #492

[bradwilliamson]

For me it is reproducable when if a chef-client run fails while running a recipe using machine_batch to provision multiple machines. This only occurs if the run fails, and I try to run it again afterwards to get it to complete successfully after altering code. If I run a different recipe provisioning one server. It clears the hash & runs again. If one server build fails this doesn't happen. This still occurs with ChefDK 0.12.0 installed on a Windows 7 VM chef-workstation.

[cheeseplus]

This is a dupe of #492 - also thinking this is probably something that'll need to be resolved in provisioning itself more than DK.