class Chef::Resource::OpensslX509Certificate
Public Instance Methods
ca_info()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 191 def ca_info # Will contain issuer (if any) & expiration ca_info = {} unless new_resource.ca_cert_file.nil? ca_info["issuer"] = OpenSSL::X509::Certificate.new ::File.read(new_resource.ca_cert_file) end ca_info["validity"] = new_resource.expire ca_info end
ca_private_key()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 182 def ca_private_key ca_private_key = if new_resource.csr_file.nil? key else OpenSSL::PKey.read ::File.read(new_resource.ca_key_file), new_resource.ca_key_pass end ca_private_key end
cert()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 213 def cert cert = gen_x509_cert(request, extensions, ca_info, ca_private_key) cert end
extensions()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 203 def extensions extensions = gen_x509_extensions(new_resource.extensions) unless new_resource.subject_alt_name.empty? extensions += gen_x509_extensions("subjectAltName" => { "values" => new_resource.subject_alt_name, "critical" => false }) end extensions end
generate_key_file()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 141 def generate_key_file unless new_resource.key_file path, file = ::File.split(new_resource.path) filename = ::File.basename(file, ::File.extname(file)) new_resource.key_file path + "/" + filename + ".key" end new_resource.key_file end
key()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 150 def key @key ||= if priv_key_file_valid?(generate_key_file, new_resource.key_pass) OpenSSL::PKey.read ::File.read(generate_key_file), new_resource.key_pass elsif new_resource.key_type == "rsa" gen_rsa_priv_key(new_resource.key_length) else gen_ec_priv_key(new_resource.key_curve) end @key end
request()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 161 def request request = if new_resource.csr_file.nil? gen_x509_request(subject, key) else OpenSSL::X509::Request.new ::File.read(new_resource.csr_file) end request end
subject()
click to toggle source
# File lib/chef/resource/openssl_x509_certificate.rb, line 170 def subject subject = OpenSSL::X509::Name.new() subject.add_entry("C", new_resource.country) unless new_resource.country.nil? subject.add_entry("ST", new_resource.state) unless new_resource.state.nil? subject.add_entry("L", new_resource.city) unless new_resource.city.nil? subject.add_entry("O", new_resource.org) unless new_resource.org.nil? subject.add_entry("OU", new_resource.org_unit) unless new_resource.org_unit.nil? subject.add_entry("CN", new_resource.common_name) subject.add_entry("emailAddress", new_resource.email) unless new_resource.email.nil? subject end