- From: Noah Kantrowitz <
>
- To:
- Subject: [chef] Re: Re: Re: how to configure security provider on chef server
- Date: Wed, 25 Jun 2014 03:31:35 -0700
Erlang and Ruby both use OpenSSL, so you'll have to recompile both with a
FIPS-enabled OpenSSL library. Look at the omnibus-chef and
omnibus-chef-server projects to see how to build those packages, and replace
the OpenSSL build instructions with whatever you need to do for FIPS stuff.
It is worth noting that both major OpenSSL replacement projects are dropping
FIPS mode, so you shouldn't assume this will be available permanently.
--Noah
On Jun 25, 2014, at 3:26 AM, "pat"
<
>
wrote:
>
Sorry I forget to mention, that this is about FIPS (US government security
>
standard), so it's not about user authentication but about communication.
>
>
Thanks
>
>
Pat
>
>
On Wed, 25 Jun 2014 02:50:45 -0700, Noah Kantrowitz wrote
>
> I'm guessing you mean for user authentication? Enterprise Chef
>
> supports LDAP for user authentication in the Web UI, but FOSS Chef
>
> does not. More to the point, user authentication only matters in the
>
> Web UI and that is deprecated in FOSS Chef anyway and should be disabled.
>
>
>
> --Noah
>
>
>
> On Jun 25, 2014, at 2:00 AM, "pat"
>
> <
>
>
> wrote:
>
>
>
>> Hi,
>
>>
>
>> I'm new to chef. I want to ask you if it's possible to configure different
>
>> security provider on chef server and if so, how to do it.
>
>>
>
>> Thanks
>
>>
>
>> Pat
>
>>
>
>> ----------------------------------------
>
>> Freehosting PIPNI - http://www.pipni.cz/
>
>>
>
>
>
----------------------------------------
>
Freehosting PIPNI - http://www.pipni.cz/
>
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Archive powered by MHonArc 2.6.16.