cookbook 'r1337-certmanage', '~> 0.1.3'
Manages SSL certificates and keys via Chef Vault
cookbook 'r1337-certmanage', '~> 0.1.3', :supermarket
knife supermarket install r1337-certmanage
knife supermarket download r1337-certmanage
Chef Cookbook - Certificate Management
This Chef cookbook will manage SSL certificates and keys through the use of Chef Vault.
Changes Performed
- Make sure /data/ssl as well as the certs and keys subdirectories are owned by root:root with 750 permissions
- Deploy SSL certificates in both Apache and NginX (certificate + ca-bundle in one file) formats to /data/ssl/certs
- Deploy SSL certificate keys to /data/ssl/keys
- Removes any files from /data/ssl, /data/ssl/certs, and /data/ssl/keys that were not placed there by Chef
Requirements
- Chef (Tested on Chef 13.6.4)
- Linux chef-clients (Tested on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, and CentOS 7.2 but kitchen will let you test anything you want)
- The chef-vault cookbook from Chef Supermarket
- The managed_directory cookbook from Chef Supermarket
Installation Tips
- We personally use Berks to install this into Chef servers, because it will grab the dependencies for you as well.
Limitations
- None so far :)
Known Issues
- None so far :)
certificates Data Bag Format
{
  "id": "cert", # Unique name for the cert item in the vault.
  "fqdn": "www.route1337.com", # The cookbook uses this as part of the file name for the certificate and key.
  "cert": "-----BEGIN CERTIFICATE-----\nMIIFQjC blah blah", # Certificate. Replace each line ending with the literal characters "\n".
  "cabundle": "-----BEGIN CERTIFICATE-----\nMIIFQjC blah blah", # Certificate ca-bundle. Replace each line ending with the literal characters "\n".
  "key": "-----BEGIN PRIVATE KEY-----\nMIIEwAIBA blah blah" # Certificate key. Replace each line ending with the literal characters "\n".
}
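One way to produce an item in this format without hand-editing line endings, shown as an added example that is not part of the cookbook: it confirms the private key belongs to the certificate, lets JSON.generate write each newline as "\n", and saves the result with owner-only permissions. The helper names, the www.example.test hostname and the throwaway self-signed pair are assumptions constructed for illustration.

```ruby
require 'json'
require 'openssl'

# Build the item hash from PEM text, refusing a key that does not match the cert.
def build_cert_item(id:, fqdn:, cert_pem:, cabundle_pem:, key_pem:)
  cert = OpenSSL::X509::Certificate.new(cert_pem) # raises on malformed PEM
  key  = OpenSSL::PKey.read(key_pem)
  unless cert.check_private_key(key)
    raise ArgumentError, "private key does not match certificate for #{fqdn}"
  end
  { 'id' => id, 'fqdn' => fqdn, 'cert' => cert_pem,
    'cabundle' => cabundle_pem, 'key' => key_pem }
end

# JSON.generate escapes every real newline as the two characters \n,
# which is the encoding the data bag format above asks for.
def item_json(item)
  JSON.generate(item)
end

# The item contains the private key: create the file owner-only, never overwrite.
def write_item(path, item)
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.write(item_json(item))
  end
end

# Constructed sample input: a throwaway self-signed pair, not a real certificate.
def sample_pair(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [cert.to_pem, key.to_pem]
end

if __FILE__ == $PROGRAM_NAME
  cert_pem, key_pem = sample_pair('www.example.test')
  item = build_cert_item(id: 'cert', fqdn: 'www.example.test', cert_pem: cert_pem,
                         cabundle_pem: cert_pem, key_pem: key_pem)
  puts item_json(item)[0, 60] # start of the single-line JSON item
end
```

Delete the plaintext JSON file once the item has been loaded into the vault, since it holds the unencrypted private key.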
Use Cases
Managing SSL certificates and keys in both Apache and NginX formats via the secure Chef Vault system.
Donate To Support This Chef Cookbook
Route 1337, LLC operates entirely on donations. If you find these scripts useful, please consider contacting us about how to donate.
Thank you for your support!
Dependent cookbooks
chef-vault >= 0.0.0
managed_directory >= 0.0.0
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Certificate Management - Changelog
A list of all the changes made to this cookbook
Version 0.1.3
- Removing stale cryptocurrency wallets from donation section of README
Version 0.1.2
- Added testing to verify Ubuntu 18.04 support
Version 0.1.1
- metadata.rb has been changed to set 13.6.4 as the minimum chef-client version instead of the only version
Version 0.1.0
- Initial Release
Collaborator Number Metric
0.1.3 failed this metric
Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.1.3 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.1.3 passed this metric
No Binaries Metric
0.1.3 passed this metric
Testing File Metric
0.1.3 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.3 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number