chef-repo icon indicating copy to clipboard operation
chef-repo copied to clipboard

Published 20 hours ago verified publisher icon intercity

Where to put SSL certificates and keys in Chef repository?

Open conradwt opened this issue 9 years ago • 3 comments

HI, I have purchased SSL certs from a certificate authority (CA). Also, I added the files names to the site.json file within the nodes directory. For example,

"ssl_info": {
  "key": "example.com.key",
  "crt": "example.com.crt"
},

Now, where exactly should I put the actual certificates and keys within the chef-repo so that they are properly uploaded to the server and available to Nginx? At this time, the following files are empty after provisioning the server:

/u/apps/example_production/shared/config/certificate.crt
/u/apps/example_production/shared/config/certificate.key

conradwt avatar Mar 30 '15 02:03 conradwt

@conradwt You can add the content of the SSL keys to:

"ssl_info": {
  "key": "Here the content of the cert.key file",
  "crt": "Here the content of the cert.crt file."
},

jvanbaarsen avatar Mar 30 '15 08:03 jvanbaarsen

@jvanbaarsen Is it possible to not have to include the content within the node.json?

conradwt avatar Mar 31 '15 09:03 conradwt

@conradwt In that case you have to move them to the server yourself using scp. Then you don't have to add any ssl_info in your node.json, since it will see the certificates in /u/apps/your_app/shared/config/ and use those.

jvanbaarsen avatar Mar 31 '15 10:03 jvanbaarsen