chef - [chef] Chaining SSL certificates at deployment time.

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Chaining SSL certificates at deployment time.

From: "Jason J. W. Williams" < >
To:
Subject: [chef] Chaining SSL certificates at deployment time.
Date: Thu, 7 Jul 2011 17:09:14 -0600

Since nginx requires that intermediate chaining certificates be concatenated in the same .crt file as the SSL cert for the website, I've been trying to write my recipe to install the SSL cert and chaining cert files separately and then dynamically concatenating them into a new composite cert. For example, I have my actual certs cert1.crt and cert2.crt, this would produce composite-cert1.crt and composite-cert2.crt. However, the recipe code (https://gist.github.com/1070755) only triggers the chaining for cert1:

cookbook_file[/etc/nginx/ssl/cert1.crt] sending run action to execute[add chain certificate cert1.crt]

...

cookbook_file[/etc/nginx/ssl/cert2.crt] not queuing delayed action run on execute[add chain certificate cert2.crt] (delayed), as it's already been queued

Any pointers would be greatly appreciated.

-J

[chef] Chaining SSL certificates at deployment time., Jason J. W. Williams, 07/07/2011
- [chef] Re: Chaining SSL certificates at deployment time., Aaron Peterson, 07/07/2011
  - [chef] Re: Re: Chaining SSL certificates at deployment time., Jason J. W. Williams, 07/07/2011