Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


r1337-certmanage (4) Versions 0.1.1

Manages SSL certificates and keys via Chef Vault

cookbook 'r1337-certmanage', '= 0.1.1', :supermarket
cookbook 'r1337-certmanage', '= 0.1.1'
knife supermarket install r1337-certmanage
knife supermarket download r1337-certmanage
Quality 86%

Chef Cookbook - Certificate Management

This Chef cookbook will manage SSL certificates and keys through the use of Chef Vault.

Changes Performed

  1. Make sure /data/ssl as well as the certs and keys subdirectories are owned by root:root with 750 permissions
  2. Deploy SSL certificates in both Apache and NginX (certificate + ca-bundle in one file) formats to /data/ssl/certs
  3. Deploy SSL certificate keys to /data/ssl/keys
  4. Removes any files from /data/ssl, /data/ssl/certs, and /data/ssl/keys that were not placed there by Chef


  1. Chef (Tested on Chef 13.6.4)
  2. Linux chef-clients (Tested on Ubuntu 14.04, Ubuntu 16.04 and CentOS 7.2 but kitchen will let you test anything you want)
  3. The chef-vault cookbook from Chef Supermarket
  4. The managed_directory cookbook from Chef Supermarket

Installation Tips

  1. We personally use Berks to install this into Chef servers, because it will grab the dependencies for you as well.


  1. None so far :)

Known Issues

  1. None so far :)

certificates Data Bag Format

    "id": "cert", # Unique name for the cert item in the vault.
    "fqdn": "", # The cookbook will use this as part of the file name for the certificate and key
    "cert": "-----BEGIN CERTIFICATE-----\nMIIFQjC blah blah", # Certificate. REPLACE end lines with the literal characters "\n"
    "cabundle": "-----BEGIN CERTIFICATE-----\nMIIFQjC blah blah", # Certificate ca-bundle. REPLACE end lines with the literal characters "\n"
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEwAIBA blah blah" # Certificate key. REPLACE end lines with the literal characters "\n"

Use Cases

Managing SSL certificates and keys in both Apache and NginX formats via the secure Chef Vault system.

Route 1337, LLC operates entirely on donations. If you find this cookbook useful, please consider donating via one of these methods.

  1. Bitcoin: 1CnzzrPh3iirEkLRLiWFKXDV9i5TXHQjE2
  2. Bitcoin Cash: qzcq645swgd87s7t5mmmjcumf4armhtjt5euww5c29
  3. Litecoin: LWYbc9hf5ErJsF874Q3wwmMiASHRWgwrjR
  4. Ethereum: 0x117543aa7a4D704849171cA06568Ece71B111D18

Thank you for your support!

Dependent cookbooks

chef-vault >= 0.0.0
managed_directory >= 0.0.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Certificate Management - Changelog

A list of all the changes made to this cookbook

Version 0.1.1

  1. metadata.rb has been changed to set 13.6.4 as the minimum chef-client version instead of the only version

Version 0.1.0

  1. Initial Release

Collaborator Number Metric

0.1.1 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric

0.1.1 passed this metric

Foodcritic Metric

0.1.1 passed this metric

License Metric

0.1.1 passed this metric

No Binaries Metric

0.1.1 passed this metric

Testing File Metric

0.1.1 passed this metric

Version Tag Metric

0.1.1 passed this metric