cookbook 'client-rekey', '= 0.1.0'
The client-rekey cookbook has been deprecated
Author provided reason for deprecation:
The client-rekey cookbook has been deprecated and is no longer being maintained by its authors. Use of the client-rekey cookbook is no longer recommended.
client-rekey (3) Versions 0.1.0 Follow5
Regenerates your client key
cookbook 'client-rekey', '= 0.1.0', :supermarket
knife supermarket install client-rekey
knife supermarket download client-rekey
client-rekey-cookbook
Regenerates a chef-client's API key. You want to use this if you believe
your client keys could be exposed as a result of the heartbleed
vulnerability.
By default, this cookbook will cause chef-client to rekey itself every
24 hours. This can be adjusted with the attribute
node['client-rekey']['interval']
, which is the maximum allowed age of
the client key in seconds.
The library in this cookbook will honor the client configuration setting
local_key_generation
. If set to true in the client.rb
configuration
file, the private key will be generated locally and only the public key
will travel over the wire. This requires a Chef 11 server.
Supported Platforms
This is expected to work on all platforms that chef-client supports.
Attributes
node['client-rekey']['interval']
: This recipe uses the mtime of your
client.pem to determine when it was last updated. If the difference
between now and the file's mtime is greater than this interval setting,
your client key will be regenerated.
Usage
client-rekey::default
Include client-rekey
in your node's run_list
:
{ "run_list": [ "recipe[client-rekey::default]" ] }
Contributing
- Fork the repository on Github
- Create a named feature branch (i.e.
add-new-recipe
) - Write you change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request
License and Authors
License:: Apache 2.0 (see: LICENSE)
Author:: Chef Software, inc.
Dependent cookbooks
This cookbook has no specified dependencies.