Chef_nginx - SSL certificate and key?

Alexander_Skwar · June 22, 2017, 8:04am

Hello

Using the chef_nginx @ supermarket, how do you specify which SSL certificate is to be used?

And also, how do you set the key for the SSL certificate? As we store our cookbooks and such on an internal Git repo, I don’t feel too comfortable, saving the key there in an unencrypted format.

If I were to roll my own cookbook, I’d use encrypted databags, I suppose. But in chef_nginx?

We’re using chef-zero v12.19.36 on Ubuntu. No Chef Server.

Thanks,
Alexander

joerg.herzinger · June 22, 2017, 8:52am

The nginx cookbook itself does not deal with this, but there are some other cookbooks offering solutions. I’ve had good experiences with the ssl_certificate cookbook which also has an example of how to use it with the nginx cookbook: https://github.com/zuazo/ssl_certificate-cookbook#nginx-example
Chef Vault can encrypt your DataBags and will also work with chef-zero.

Topic		Replies	Views
RFC: ssl-key-management via chef-lwrp Chef Infra (archive)	2	361	July 31, 2013
Cert Management Chef Infra (archive)	3	375	February 20, 2014
Chef Server 12 - Problem deploying certificate from encrypted data bag Chef Infra (archive)	0	297	April 17, 2015
Encrypted data bag fixtures in cookbooks Chef Infra (archive)	1	780	December 1, 2014
File format change after cookbook upload Chef Infra (archive)	5	418	February 7, 2019

Chef_nginx - SSL certificate and key?

Related Topics