Use this snippet to create a self-signed certificate in a few lines of chef:
server_ssl_req = "/C=US/ST=Several/L=Locality/O=Example/OU=Operations/CN=#{node[:fqdn]}/emailAddress=root@#{node[:fqdn]}"
execute "Create SSL Certs" do
command "openssl req -subj \"#{server_ssl_req}\" -new -nodes -x509 -out /etc/nginx/cert.pem -keyout /etc/nginx/key.pem"
only_if(!File.exists?( "/etc/nginx/cert.pem" ).to_s)
end
No comments:
Post a Comment