- From: "pat" <
>
- To:
- Subject: [chef] Re: Re: Re: Re: how to configure security provider on chef server
- Date: Wed, 25 Jun 2014 13:33:56 +0100
Thanks a lot for recommendation.
Pat
On Wed, 25 Jun 2014 03:31:35 -0700, Noah Kantrowitz wrote
>
Erlang and Ruby both use OpenSSL, so you'll have to recompile both
>
with a FIPS-enabled OpenSSL library. Look at the omnibus-chef and
>
omnibus-chef-server projects to see how to build those packages, and
>
replace the OpenSSL build instructions with whatever you need to do
>
for FIPS stuff. It is worth noting that both major OpenSSL
>
replacement projects are dropping FIPS mode, so you shouldn't assume
>
this will be available permanently.
>
>
--Noah
>
>
On Jun 25, 2014, at 3:26 AM, "pat"
>
<
>
>
wrote:
>
>
> Sorry I forget to mention, that this is about FIPS (US government security
>
> standard), so it's not about user authentication but about communication.
>
>
>
> Thanks
>
>
>
> Pat
>
>
>
> On Wed, 25 Jun 2014 02:50:45 -0700, Noah Kantrowitz wrote
>
>> I'm guessing you mean for user authentication? Enterprise Chef
>
>> supports LDAP for user authentication in the Web UI, but FOSS Chef
>
>> does not. More to the point, user authentication only matters in the
>
>> Web UI and that is deprecated in FOSS Chef anyway and should be disabled.
>
>>
>
>> --Noah
>
>>
>
>> On Jun 25, 2014, at 2:00 AM, "pat"
>
>> <
>
>
>> wrote:
>
>>
>
>>> Hi,
>
>>>
>
>>> I'm new to chef. I want to ask you if it's possible to configure
>
>>> different
>
>>> security provider on chef server and if so, how to do it.
>
>>>
>
>>> Thanks
>
>>>
>
>>> Pat
>
>>>
>
>>> ----------------------------------------
>
>>> Freehosting PIPNI - http://www.pipni.cz/
>
>>>
>
>
>
>
>
> ----------------------------------------
>
> Freehosting PIPNI - http://www.pipni.cz/
>
>
----------------------------------------
Freehosting PIPNI -
http://www.pipni.cz/
Archive powered by MHonArc 2.6.16.