search

intercity / chef-repo

Set up your server to host Ruby on Rails apps. - Follow us on Twitter: @intercityup
MIT License
417 stars 84 forks source link

Where to put SSL certificates and keys in Chef repository? #188

Open conradwt opened 9 years ago

conradwt commented 9 years ago

HI, I have purchased SSL certs from a certificate authority (CA). Also, I added the files names to the site.json file within the nodes directory. For example,

"ssl_info": {
  "key": "example.com.key",
  "crt": "example.com.crt"
},

Now, where exactly should I put the actual certificates and keys within the chef-repo so that they are properly uploaded to the server and available to Nginx? At this time, the following files are empty after provisioning the server:

/u/apps/example_production/shared/config/certificate.crt
/u/apps/example_production/shared/config/certificate.key
jvanbaarsen commented 9 years ago

@conradwt You can add the content of the SSL keys to:

"ssl_info": {
  "key": "Here the content of the cert.key file",
  "crt": "Here the content of the cert.crt file."
},
conradwt commented 9 years ago

@jvanbaarsen Is it possible to not have to include the content within the node.json?

jvanbaarsen commented 9 years ago

@conradwt In that case you have to move them to the server yourself using scp. Then you don't have to add any ssl_info in your node.json, since it will see the certificates in /u/apps/your_app/shared/config/ and use those.