chef-dev - [chef-dev] Re: How do you keeping SSL Certs out of your chef server?

Subscribers: 756
Owners
Adam Jacob
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

Chef Developers

[chef-dev] Re: How do you keeping SSL Certs out of your chef server?

From: Brad Knowles < >
To: Joseph Anthony Pasquale Holsten < >
Cc: Brad Knowles < >, Chef Dev < >
Subject: [chef-dev] Re: How do you keeping SSL Certs out of your chef server?
Date: Mon, 27 Feb 2012 20:59:51 -0600
Authentication-results: mr.google.com; spf=pass (google.com: domain of designates 10.236.136.99 as permitted sender) ; dkim=pass

On Feb 27, 2012, at 8:25 PM, Joseph Anthony Pasquale Holsten wrote:

> I really don't want to keep my SSL certs in data bags or cookbooks in my
> chef repo, but I still need chef-client to be able to get at them when I
> build out a new web server.
>
> Has anyone found a nice way to solve this?

We use encrypted data bags, following the example demonstrated by Joshua
Timberman in some of his blog posts.

If anyone know of a better solution, please let me know.

--
Brad Knowles
< >
SAGE Level IV, Chef Level 0.0.1

[chef-dev] How do you keeping SSL Certs out of your chef server?, Joseph Anthony Pasquale Holsten, 02/27/2012
- [chef-dev] Re: How do you keeping SSL Certs out of your chef server?, Brad Knowles, 02/27/2012