class Chef::Resource::OpensslX509Certificate

Public Instance Methods

ca_info()
# File lib/chef/resource/openssl_x509_certificate.rb, line 191
# Builds the issuer/validity hash that `cert` hands to gen_x509_cert.
#
# Keys, in insertion order:
#   "issuer"   - OpenSSL::X509::Certificate parsed from ca_cert_file; only
#                present when that property is set
#   "validity" - new_resource.expire, always present
#
# NOTE(review): the CA certificate is parsed as-is. Nothing in this method
# checks that it is a CA certificate or that it pairs with the key returned by
# ca_private_key; confirm where (or whether) that is enforced.
def ca_info
  {}.tap do |info|
    ca_cert_path = new_resource.ca_cert_file
    # A missing ca_cert_file leaves "issuer" absent rather than set to nil.
    info["issuer"] = OpenSSL::X509::Certificate.new(::File.read(ca_cert_path)) unless ca_cert_path.nil?
    info["validity"] = new_resource.expire
  end
end
ca_private_key()
# File lib/chef/resource/openssl_x509_certificate.rb, line 182
# Returns the private key used to sign the certificate.
#
# Without a csr_file the resource's own key (see `key`) is returned; with a
# csr_file the key is loaded from ca_key_file, decrypted with ca_key_pass.
#
# NOTE(review): the branch is selected by csr_file, not by ca_key_file. With a
# csr_file but no ca_key_file, ::File.read receives nil. With ca_cert_file set
# but no csr_file, ca_info supplies an issuer while this method returns the
# resource's own key - confirm that this combination is rejected upstream.
def ca_private_key
  return key if new_resource.csr_file.nil?

  ca_key_pem = ::File.read(new_resource.ca_key_file)
  OpenSSL::PKey.read(ca_key_pem, new_resource.ca_key_pass)
end
cert()
# File lib/chef/resource/openssl_x509_certificate.rb, line 213
# Assembles the certificate by passing the request, the extension list, the
# issuer/validity hash and the signing key to gen_x509_cert, and returns
# whatever that helper returns.
def cert
  gen_x509_cert(request, extensions, ca_info, ca_private_key)
end
extensions()
# File lib/chef/resource/openssl_x509_certificate.rb, line 203
# Returns the X.509 extensions for the certificate: those built from the
# resource's `extensions` property, followed by a subjectAltName extension
# when subject_alt_name is not empty.
#
# The subjectAltName extension is always emitted with "critical" => false.
def extensions
  built = gen_x509_extensions(new_resource.extensions)
  alt_names = new_resource.subject_alt_name
  return built if alt_names.empty?

  san_spec = { "subjectAltName" => { "values" => alt_names, "critical" => false } }
  built + gen_x509_extensions(san_spec)
end
generate_key_file()
# File lib/chef/resource/openssl_x509_certificate.rb, line 141
# Returns the private key path, deriving one when key_file is unset.
#
# The derived path is the certificate's directory plus the certificate's file
# name with its extension replaced by ".key"; it is stored back on the resource
# through the key_file property before being returned.
#
# NOTE(review): the derived key lands in the same directory as the
# certificate. File mode and ownership are not set here; confirm that the code
# writing the key restricts them.
def generate_key_file
  return new_resource.key_file if new_resource.key_file

  cert_dir, cert_name = ::File.split(new_resource.path)
  stem = ::File.basename(cert_name, ::File.extname(cert_name))
  # Plain string join (not File.join) so the resulting path text is unchanged.
  new_resource.key_file "#{cert_dir}/#{stem}.key"
  new_resource.key_file
end
key()
# File lib/chef/resource/openssl_x509_certificate.rb, line 150
# Returns the certificate's private key, memoized in @key.
#
# Resolution order:
#   1. priv_key_file_valid? accepts the key file -> load it with key_pass
#   2. key_type == "rsa"                         -> gen_rsa_priv_key(key_length)
#   3. anything else                             -> gen_ec_priv_key(key_curve)
#
# NOTE(review): every key_type other than "rsa" takes the EC branch;
# presumably the property restricts the allowed values - confirm.
def key
  return @key if @key

  @key =
    if priv_key_file_valid?(generate_key_file, new_resource.key_pass)
      key_pem = ::File.read(generate_key_file)
      OpenSSL::PKey.read(key_pem, new_resource.key_pass)
    elsif new_resource.key_type == "rsa"
      gen_rsa_priv_key(new_resource.key_length)
    else
      gen_ec_priv_key(new_resource.key_curve)
    end
end
request()
# File lib/chef/resource/openssl_x509_certificate.rb, line 161
# Returns the certificate signing request.
#
# Without a csr_file a request is generated from `subject` and `key`;
# otherwise the request is parsed from the csr_file contents.
#
# NOTE(review): a request loaded from csr_file is returned as parsed. This
# method does not check its self-signature (OpenSSL::X509::Request#verify);
# confirm whether gen_x509_cert or the caller does.
def request
  csr_path = new_resource.csr_file
  return gen_x509_request(subject, key) if csr_path.nil?

  OpenSSL::X509::Request.new(::File.read(csr_path))
end
subject()
# File lib/chef/resource/openssl_x509_certificate.rb, line 170
# Builds the certificate subject as an OpenSSL::X509::Name.
#
# Entries are added in the order C, ST, L, O, OU, CN, emailAddress. Every
# entry except CN is skipped when its property is nil.
#
# NOTE(review): CN is added unconditionally, so a nil common_name reaches
# add_entry; presumably the property is required - confirm.
def subject
  dn = OpenSSL::X509::Name.new
  add_if_set = ->(field, value) { dn.add_entry(field, value) unless value.nil? }

  add_if_set.call("C", new_resource.country)
  add_if_set.call("ST", new_resource.state)
  add_if_set.call("L", new_resource.city)
  add_if_set.call("O", new_resource.org)
  add_if_set.call("OU", new_resource.org_unit)
  dn.add_entry("CN", new_resource.common_name)
  add_if_set.call("emailAddress", new_resource.email)
  dn
end