those are public keys
On Tue, Aug 5, 2014 at 9:40 AM, DV < "> > wrote:
> Well,our Chef server was set up using standard Chef rpm and it comes with
> validator and webui keys stored in /etc/chef-server, how about that?
>
>> rpm -qa|grep chef
> chef-server-11.0.11-1.el6.x86_64
>
>> ll /etc/chef-server/
> total 28
> -rw------- 1 root root 1679 Apr 3 14:22 admin.pem
> -rw-r--r-- 1 root root 42 Apr 5 18:10 chef-server.rb
> -rw------- 1 chef_server root 7773 Apr 5 18:22
> chef-server-running.json
> -rw------- 1 root root 765 Apr 11 14:11
> chef-server-secrets.json
> -rw------- 1 root root 1679 Apr 3 14:22 chef-validator.pem
> -rw-r----- 1 root chef_server 1679 Apr 3 14:22 chef-webui.pem
>
>
> On Mon, Aug 4, 2014 at 2:11 AM, Steven Danna < "> > wrote:
>>
>> Hi,
>>
>> On Sun, Aug 3, 2014 at 3:33 PM, Arnold Krille < "> >
>> wrote:
>>
>> > I think the main reason Chef-Server can't give you the validation-key
>> > is that it doesn't store the private keys of users, machines or
>> > validators. And if it did, there would be several people filing urgent
>> > security reports against it...
>>
>> This is correct. The server does not store the private key and thus
>> there is no way to redownload the private key for an existing client
>> from the Chef server without resetting the keys.
>>
>> Cheers,
>>
>> Steven
>
>
>
>
> --
> Best regards, Dmitriy V.
Archive powered by MHonArc 2.6.16.