Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

pki (3) Versions 0.0.1

Installs/Configures pki

Berkshelf/Librarian
Policyfile
Knife
cookbook 'pki', '= 0.0.1'
cookbook 'pki', '= 0.0.1', :supermarket
knife cookbook site install pki
knife cookbook site download pki
README
Dependencies
Quality -%

DESCRIPTION:

Proof of concept PKI implementation, powered by inter-node convergence and stateful resource providers.

REQUIREMENTS

RHEL6/Centos6 or higher hostname resolution taken care of earlier in the runlist (dns, etchosts)

Bootstrapped with -r 'recipe[selinux::disabled],recipe[yum::epel],recipe[etchosts],recipe[pki::server]' -r 'recipe[selinux::disabled],recipe[yum::epel],recipe[etchosts],recipe[pki::client]'

ATTRIBUTES

node[:pki][:openssldir]

USAGE

Clients check to see if they have an SSL keypair for their FQDN. If not, pki_servercert is called, which generates a private key and a CSR. The node then posts it's CSR as a node attribute

When the server side runs, it searches for a list of clients with the pki csr attribute set. When it finds a CSR, it signs it and places the resulting public key in a directory exposed by rsync. Since these are public keys, there are no security concerns here.

When a client is satisfied about its certificate, it will remove the attribute.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

No quality metric results found