[chef] Re: RSA encryption using client keys

[< >]

Hi again,

I set up a knife plugin, a library for the openssl cookbook and a demo
cookbook.

You can get it at https://github.com/oscarschneider/openssldemo

The usage of the Chef PKI is a nice way to avoid "out of band" administration
when using encrypted databags, but use the Chef API only.

The next planned step is to create a knife plugin called role_secret which 
will
basically do the same thing as the node_secret plugin in the git repo linked
above, but search for all nodes of a certain role first and encrypt the same
secret with each node's/client's public key.

Cheers,

Oscar