Giters

jasonwbarnett / ca-certificates-cookbook

ca-certificates Chef Cookbook

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

ca-certificates Cookbook

This cookbook installs ca-certificates.

How to generate the base ca-bundle.pem

git clone https://github.com/agl/extract-nss-root-certs.git
cd extract-nss-root-certs
curl https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt -o certdata.txt
go run convert_mozilla_certdata.go -to-files=true
[[ -f ca-bundle.pem ]] && rm -f ca-bundle.pem || touch ca-bundle.pem
for cert in `ls *.pem`; do openssl x509 -text -in ${cert} >> ca-bundle.pem; done

Requirements

OS

Must be running a RHEL distro. I added debian support recently, but it's testing is very limited.

Attributes

package

This is the name of the package to be installed by the package manager.

ca-bundle_path

This is the location of the actual ca-bundle.crt that is installed by the package manager.

Usage

ca-certificates::default

Just include ca-certificates in your node's run_list:

{
  "name":"my_node",
  "run_list": [
    "recipe[ca-certificates]"
  ]
}

License and Authors

Authors: Jason Barnett (J@sonBarnett.com)

About

ca-certificates Chef Cookbook

Languages

Language:Ruby 87.4%Language:Shell 12.6%