ssl_cert CHANGELOG
==================
+0.4.2
+-----
+- adds the `['ssl_cert']['ca_name_symlinks']` attribute.
+
0.4.1
-----
- adds `SSLCert::Helper.append_ca_name` method.
|Key|Type|Description, example|Default|
|:--|:--|:--|:--|
|`['ssl_cert']['ca_names']`|Array|deployed CA certificates from chef-vault|empty|
+|`['ssl_cert']['ca_name_symlinks']`|Hash|Key: ca_name, value: array of symbolic link names to the CA certificate file.|empty|
|`['ssl_cert']['ca_pubkey_names']`|Array|deployed CA public keys from chef-vault (0.2.0 or later)|empty|
|`['ssl_cert']['ssh_ca_krl_name']`|String|deployed SSH-CA KRL (Key Revocation List) from chef-vault (0.3.0 or later)|`nil`|
|`['ssl_cert']['common_names']`|Array|deployed server keys and/or certificates from chef-vault|empty|
default['ssl_cert']['ca_names'] = [
#'grid_ca',
]
+default['ssl_cert']['ca_name_symlinks'] = {
+ #'grid_ca' => [
+ # '/path/to/linkname',
+ #],
+}
# deployed CA public keys from chef-vault
# for SSH-CA, ...
notifies :run, "execute[#{update_command_name}]", :delayed
end
+ symlinks(node['ssl_cert']['ca_name_symlinks'][ca], cert_path)
+
case node['platform_family']
when 'debian'
execute "add_ca_cert_entry_#{cert_file_name}" do
end
end
+ def symlinks(link_names, target_path)
+ return if link_names.nil?
+
+ link_names.each {|name|
+ link name do
+ to target_path
+ end
+ }
+ end
+
def ca_pubkey_path(ca)
undotted_ca = ca.tr('.', '_')
node['ssl_cert']["#{undotted_ca}_pubkey_path"]