Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


openssl_install (4) Versions 1.1.1

Provides a resource for installing OpenSSL from source

cookbook 'openssl_install', '= 1.1.1', :supermarket
cookbook 'openssl_install', '= 1.1.1'
knife supermarket install openssl_install
knife supermarket download openssl_install
Quality 83%

OpenSSL Install Cookbook

GitHub Tag
Build status

Maintainer: OIT Systems Engineering (


This cookbook provides a single resource that downloads, configures, compiles, and installs OpenSSL.



This cookbook requires Chef 14+


Supported Platform Families:

  • Debian
    • Ubuntu, Mint
  • Red Hat Enterprise Linux
    • Amazon, CentOS, Oracle
  • Suse

Platforms validated via Test Kitchen:

  • Ubuntu
  • Debian
  • CentOS
  • Oracle
  • Fedora
  • Amazon
  • Suse


  • This cookbook should support any recent Linux variant.


This cookbook does not constrain its dependencies because it is intended as a utility library.
It should ultimately be used within a wrapper cookbook.


This cookbook provides one resource for creating an OpenSSL installation.


This resource provides a single action to create an OpenSSL installation.


One action is provided.

  • :create - Post condition is that source and binary artifacts exist in specified directories.


  • version - Defaults to nil. The version of OpenSSL to install. If nil, will default to the latest version when this cookbook was updated. The helper default_openssl_version is provided for fetching this value.
  • download_directory - Defaults to nil. The local path to the directory into which to download the source archive. See note below about paths.
  • build_directory - Defaults to nil. The local path to the directory into which to decompress and build the source code. See note below about paths.
  • install_directory - Defaults to nil. The local path to the directory into which to install the binary artifacts. See note below about paths.
  • owner - Defaults to root. The owner of all artifacts.
  • group - Defaults to root. The group of all artifacts.
  • strict_security - Defaults to true. Determines if unsecure features of OpenSSL are disabled. These include SSL2, SSL3 and RC4. If true, a change to the source path (moving the source file) will cause the resource to converge and signal subscribers. The source path is canonicalized before recording so relative, absolute, double dots, and multiple slashes do not matter.

Note on paths

If a path is set for download, build or install, then the client must assure the directory exists before the resource runs.
The resource runs as root and sets permissions on any created files, so is capable of placing a user-owned directory in a root-owned directory.

Fairly standard defaults are used for paths.
If download_directory or build_directory is nil (default), '/var/chef/cache' will be used.
If install directory is nil (default), "/opt/openssl/#{version}" will be created and used.

For build_directory, the path given is the parent of the source root that is created when the archive is extracted.
For example, if build_directory is set to '/usr/local/openssl-src', then the source root will be "/usr/local/openssl-src/openssl-#{version}".

For install_directory, the path given is the root of the install.
For example, if install_directory is set to '/usr/local/openssl', then the path to the OpenSSL shared library will be '/usr/local/openssl/lib/'.
The lib path must be added to linker and runtime configurations (typically use -L and rpath, respectively) for dependents to load the custom libraries.


This cookbook provides no recipes.


Custom resources can be used as below.

openssl_installation 'No Defaults' do
  version '1.1.0k'
  download_directory '/usr/local/openssl-dl'
  build_directory '/usr/local/openssl-bld'
  install_directory '/usr/local/openssl'
  owner 'some-dude'
  group 'some-dudes'
  strict_security false


See and

Changelog for OpenSSL Install Cookbook


  • Fixed absolute default path


  • Added helpers for default version and path
  • Created installer library


  • Initial release

Collaborator Number Metric

1.1.1 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric

1.1.1 passed this metric

Foodcritic Metric

1.1.1 passed this metric

No Binaries Metric

1.1.1 passed this metric

Testing File Metric

1.1.1 passed this metric

Version Tag Metric

1.1.1 passed this metric