[chef] distribute ssl certs using encrypted data bags

anyone have examples they can share on how they're disting ssl
certificates from encrypted data bags? or, if not from data bags,
how are you doing it?

i'm studying 37 signals' ssl_certificates cookbook, but there's no
example therein using data bags.


i'm starting by trying to toss in the cert info into a data bag, but
this json is invalid?

[chef-repo]$ knife data bag from file --secret-file 
~/.chef/encrypted_data_bag_secret hush data_bags/hush/aws-creds-gurf.json 
ERROR: JSON::ParserError: 705: unexpected token at '{

[chef-repo]$ cat data_bags/hush/aws-creds-gurf.json
{
  "id":"aws-creds-gurf",
  "AWS_ACCOUNT_ID":"OU81-2222-5150",
  "ROOT_AWS_ACCESS_KEY_ID":"gurfaccesskeysplicersplicer",
  "ROOT_AWS_SECRET_ACCESS_KEY":"gurfsecretkeydaddydaddy",
  "DORQ_AWS_ACCESS_KEY_ID":"dorqaccesskeysistersister",
  "DORQ_AWS_SECRET_ACCESS_KEY":"dorqsecretkeyplasmidplasmid",
  "servercert":"-----BEGIN CERTIFICATE-----
MIICeqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqAYTbqqqqq
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTA3MDIwMTIyNTZaFw0xMDA3
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqNBSjUvc/oQgN8kRja+8d6b4z1hD
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
bWUr4dNogq3lqet04444EL+pLtMUEA52ZIdRG2w2Sn03CpUbbpoh5CpCyVcpYmcl
ZDAwaSx2D0+jadcCAwEAAaNXMFUwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB/wQM
MAoGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDypRtGMWzc86nOf
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Y5Lgnkm7ESir9BSLnIFIhD9ibnaZuWUn+BNB5kzugsbPCnak7uyxFBSUp0rsEmOr
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
vPH8Bow18I4d6u7g
-----END CERTIFICATE-----"
}


can such certs be one continuous line? i don't think so, but i admit
i didn't verify that.

what to do?

schlanks,
kallen