Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


nss_tools (2) Versions 0.1.0

Installs/Configures nss_tools

cookbook 'nss_tools', '= 0.1.0', :supermarket
cookbook 'nss_tools', '= 0.1.0'
knife supermarket install nss_tools
knife supermarket download nss_tools
Quality 0%


This cookbook provides a LWRP for managing Mozilla NSS Certificate databaes.


A nss_tools_certdb resource block manages a named entry in a Mozilla Certificate
database. The full syntax for all of the properties that are available to the
nss_tools_certdb 'name' do
ca String, Array
crt String
dbprefix String
der String
directory String
key String
name String
notifies # see description
subscribes # see description
action Symbol # defaults to :update

* name is the name of the entry in the database (-n)
* directory is the directory of the database (-d), default: $HOME/.netscape
* dbprefix is the prefix of the database (see certutil for more info), optional
* ca, crt, der, key: see "Properties" section below


This resource has the following actions:

  • :update Default. Adds a new entry or checks to see if it is up-to-date with the source.
  • :delete Ensures that an entry doesn't exist.
  • :nothing Define this resource block to do nothing until notified by another resource to take action. When this resource is notified, this resource block is either run immediately or it is queued up to be run at the end of the chef-client run.


This resource has different properties depending on the input type. Input can
be certificate / key pairs in PEM or DER format. If both are passed PEM will
take priority.

PEM Certificate + Key (optionally CA)

  • ca (String, Array) (Optional): Path to a PEM encoded CA certificate or CA certificate bundle. Can also be an array of paths.
  • crt (String): Path to a PEM encoded certificate.
  • key (String): Path to a PEM encoded private key.


nss_tools_certdb 'My Certificate' do
  directory   '/etc/myapp'
  dbprefix    'myapp'
  ca          '/etc/ssl/ca/my-ca.crt'
  crt         '/etc/ssl/cert/my-cert.crt'
  key         '/etc/ssl/private/my-cert.key'
  notifies    :restart, 'service[myapp]', :delayed


  • der (String): Path to PKCS12 DER encoded certificate / key (optionally CA) file.


nss_tools_certdb 'My Certificate' do
  directory   '/etc/myapp'
  dbprefix    'myapp'
  der         '/etc/ssl/my-cert.p12'
  notifies    :restart, 'service[myapp]', :delayed

License and Authors

Author:: Altiscale, Inc (

License:: Apache 2.0

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.


Initial release of nss_tools

Foodcritic Metric

0.1.0 failed this metric

FC002: Avoid string interpolation where not required: /tmp/f8427a76de1cfcf7bcfedb5c/nss_tools/providers/certdb.rb:104