|
I noticed this the other day and haven't had time to file an issue, but just fired this off:
https://github.com/chef/supermarket/issues/994 In the meantime I'm using a copy of the nginx template with the two lines corrected. Chris Crebolder | Network Services Specialist | University of Toronto Libraries | Information Technology Services From: Daniel Klopp
Sent: Monday, March 02, 2015 6:44 PM To: Subject: [chef] Supermarket cookbook URL not using TLS I've used the Chef Supermarket cookbook from
https://github.com/opscode-cookbooks/supermarket to deploy a private Supermarket. By default Supermarket seems to store cookbook references with a standard HTTP URI, but TLS is
already configured on the private Supermarket with a proper cert. For example, the URI: https://UNDISCLOSED/api/v1/cookbooks/my-keepalived/versions/0.1.3/ returns
{"license":"All Rights Reserved","tarball_file_size":349297,"version":"0.1.3","average_rating":null,"cookbook":"http://UNDISCLOSED/api/v1/cookbooks/my-keepalived","file":"http://UNDISCLOSED/api/v1/cookbooks/my-keepalived/versions/0.1.3/download","dependencies":{"python":">= 0.0.0","ark":">= 0.0.0","shared_ip":">= 0.0.0","keepalived":">= 0.0.0"}}
It gives a reference to HTTP instead of HTTPS from within an HTTPS context. This causes security errors with Berk's libraries.Is there a simple configuration option I am missing to store the cookbooks under an HTTPS URI? -Dan This communication is Confidential Information. By using this message and attachments you implicitly consent to terms and conditions set forth at http://www.taos.com/email_disclaimer. If you do not consent or received this message in error, please destroy it. |
Archive powered by MHonArc 2.6.16.