Chef_nginx - SSL certificate and key?

Alexander_Skwar · June 22, 2017, 8:04am

Hello

Using the chef_nginx @ supermarket, how do you specify which SSL certificate is to be used?

And also, how do you set the key for the SSL certificate? As we store our cookbooks and such on an internal Git repo, I don’t feel too comfortable, saving the key there in an unencrypted format.

If I were to roll my own cookbook, I’d use encrypted databags, I suppose. But in chef_nginx?

We’re using chef-zero v12.19.36 on Ubuntu. No Chef Server.

Thanks,
Alexander

joerg.herzinger · June 22, 2017, 8:52am

The nginx cookbook itself does not deal with this, but there are some other cookbooks offering solutions. I’ve had good experiences with the ssl_certificate cookbook which also has an example of how to use it with the nginx cookbook: https://github.com/zuazo/ssl_certificate-cookbook#nginx-example
Chef Vault can encrypt your DataBags and will also work with chef-zero.

Topic		Replies	Views
RFC: ssl-key-management via chef-lwrp Chef Infra (archive)	2	386	July 31, 2013
Cert Management Chef Infra (archive)	3	401	February 20, 2014
Chef Server 12 - Problem deploying certificate from encrypted data bag Chef Infra (archive)	0	352	April 17, 2015
Supermarket cookbook URL not using TLS Chef Infra (archive)	3	412	March 5, 2015
Encrypted data bag fixtures in cookbooks Chef Infra (archive)	1	809	December 1, 2014

Chef_nginx - SSL certificate and key?

Related topics