Information Technology Reference
In-Depth Information
dow. Also make sure that you remembered to click on the Load JSON from Source button,
and make sure the json tree rendered on the left matches the figure exactly.
Because we are using a self-signed certificate, we need to set one more attribute setting. We
need to tell the SSL library on the node that we trust the self-signed server certificate. In pro-
duction, you'd do this by writing a recipe that adds the custom certificate to the certificate
store. If you are using OpenSSL on your node, you will need to copy the certificate to the
SSL_CERT_DIR , the directory where trusted certificates are stored, and run c_rehash to re-
gister the self-signed certificate.
Figure 10-7. Click on the icon to update the attribute setting in the json tree, then click on Save
Node
In our test setup, we simulate this with the synchronized folder we set up for the node that
we configured in Chapter 9 . The synchronized folder makes the certificate we have in chef-
repo/.chef/trusted_certs locally on our host available on the node. This directory was set up
when you ran knife ssl fetch .
Go back to the Chef Server web interface, and add the ssl_ca_file attribute to the node.
Copy and paste the following JSON source:
{
"chef_client" : {
Search WWH ::




Custom Search