Similarly, there is a .pem for each node that runs chef-client containing a private key. We'll call this client.pem for the sake of discussion. Figure 10-3 presents an overview of how this key is used to verify that requests come from a node. In this example, Node A has a private key, which is a unique client.pem file that lives on the node. When the client.pem file was created, an associated public key was generated and stored on the Chef server. Node A signs all HTTP requests it makes to Chef Server with its private key. When Chef Server receives a request, it verifies that the signature is from Node A by using Node A's public key to ensure it is a legitimate request from Node A.
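
The sign-and-verify flow described above, as an added Ruby example that is not code from the book or from Chef. It is a simplified illustration, not Chef's actual header or wire format: the canonical string layout, the function names, the registry hash and the 900-second freshness window are all assumptions made for the example.

```ruby
require "openssl"

# Constructed stand-in for Node A's client.pem; the private key never leaves the node.
NODE_A_PEM = OpenSSL::PKey::RSA.new(2048).to_pem

# Hypothetical server-side registry: node name => public key only.
def public_key_registry(node_name, client_pem)
  { node_name => OpenSSL::PKey::RSA.new(client_pem).public_key }
end

# String that both sides sign and verify. Binding node name, method, path,
# body hash and timestamp means none can change without breaking the signature.
def canonical_request(node, method, path, body, timestamp)
  [node, method.upcase, path, OpenSSL::Digest::SHA256.hexdigest(body), timestamp].join("\n")
end

# Node side: sign with the private key loaded from client.pem.
def sign_request(client_pem, node, method, path, body, timestamp)
  key = OpenSSL::PKey::RSA.new(client_pem)
  sig = key.sign(OpenSSL::Digest.new("SHA256"),
                 canonical_request(node, method, path, body, timestamp))
  [sig].pack("m0") # Base64 so the signature can travel in an HTTP header
end

# Server side: look up the claimed node's public key and check the signature.
# max_skew (seconds) is an assumed freshness window that limits replay.
def verify_request(registry, node, method, path, body, timestamp, sig_b64, now:, max_skew: 900)
  key = registry[node]
  return false if key.nil? || (now - timestamp).abs > max_skew
  key.verify(OpenSSL::Digest.new("SHA256"), sig_b64.unpack1("m0"),
             canonical_request(node, method, path, body, timestamp))
rescue ArgumentError, OpenSSL::PKey::PKeyError
  false # malformed Base64 or an unusable signature is treated as a failed check
end
```

The server holds only the public half, so a compromise of its key registry does not let an attacker sign requests as Node A; protecting client.pem on the node is what keeps the node's identity intact.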