Add custom signed certificates to Chef server 12
Pretty simple request and a simple answer. Under /etc/opscode is a probably empty file called chef-server.rb you can append the following values or run the below script (substituting your certificate and key names) if the file is empty.
1 2 3 4 5 6 |
cat >/etc/opscode/chef-server.rb <<EOL nginx['ssl_certificate'] = "/etc/pki/tls/private/<your-certificate-file>.cer" nginx['ssl_certificate_key'] = "/etc/pki/tls/private/<your-private-key-file>.key" nginx['ssl_ciphers'] = "HIGH:MEDIUM:!LOW:!kEDH:!aNULL:!ADH:!eNULL:!EXP:!SSLv2:!SEED:!CAMELLIA:!PSK" nginx['ssl_protocols'] = "TLSv1 TLSv1.1 TLSv1.2" EOL |
If this is a fresh OS