could you store the binary file in a third party storage provider (i.e. amazon s3) and store references to them in the data bag?Tom Duffield — Automation Consulting Engineer
651.769.7497 – " style="color:rgb(105,117,130)" target="_blank"> – my: Linkedin Twitter
OPSCODE
CODE CAN
opscode.com Blog Facebook Twitter YouTube On Mon, Oct 28, 2013 at 2:55 PM, Eduardo Dias < " target="_blank"> > wrote:
Yes i can do it, but the point is regarding the certificate file type, they are binary files, then, I need to transform it to a text to save in databag and transform it again to binary to use.I am not sure if it works.Eduardo--2013/10/28 Tom Duffield < " target="_blank"> >
You could have the recipe upload the certificate to a data bag? Then the others could download the certificates as they get updated.Tom Duffield — Automation Consulting Engineer
651.769.7497 – " style="color:rgb(105,117,130)" target="_blank"> – my: Linkedin Twitter
OPSCODE
CODE CAN
opscode.com Blog Facebook Twitter YouTube On Mon, Oct 28, 2013 at 1:06 PM, Eduardo Dias < " target="_blank"> > wrote:
Yes, I can do it. But how to copy the certificates built during chef run from one to other?--2013/10/28 Tom Duffield < " target="_blank"> >
Could you drop off everything minus the self-signed portion using Chef and just generate the rest during the Chef run?Tom Duffield — Automation Consulting Engineer
651.769.7497 – " style="color:rgb(105,117,130)" target="_blank"> – my: Linkedin Twitter
OPSCODE
CODE CAN
opscode.com Blog Facebook Twitter YouTube On Mon, Oct 28, 2013 at 12:37 PM, Eduardo Dias < " target="_blank"> > wrote:
Thanks Tom,we are using databags and files to store some certificates, but in this case I need to create a self-signed certificate using the FQDN and import it in cacerts of clients machines.This is challenging me, how to do it in a secure way. I was trying to avoid create a trust relationship between the server and clients, just for security reasons.Regards,
Eduardo--2013/10/28 Tom Duffield < " target="_blank"> >Hey Eduardo,Methods that I have seen used in the past include:- Store the certificate in Chef managed entity (cookbook files, data bag) and have Chef drop it off- Use Chef recipe to establish SSH trust between the necessary servers.Tom Duffield — Automation Consulting Engineer
651.769.7497 – " style="color:rgb(105,117,130)" target="_blank"> – my: Linkedin Twitter
OPSCODE
CODE CAN
opscode.com Blog Facebook Twitter YouTube On Mon, Oct 28, 2013 at 11:56 AM, Eduardo Dias < " target="_blank"> > wrote:Hi Chef Community,I am looking for a tip to handle with Tomcat7 certificates, basically I need to copy the Tomcat7 public certificate to other servers and import it in Java cacerts. The problem is that I dont´t have ssh trust between these servers.Has anyone that had this problem before?Any tip will appreciated.Regards,
Eduardo
Atenciosamente,
Eduardo
Atenciosamente,
Eduardo
Atenciosamente,
Eduardo
Archive powered by MHonArc 2.6.16.