Chef cookbook that downloads and updates a cacert.pem file and sets the SSL_CERT_FILE environment variable.
- Linux
- Windows
The cacert.pem file contains a list of public root CA certificates. It is used by the OpenSSL library to validate SSL connections. The file must be kept up to date in order to ensure communication is possible with all public secure sites.
New versions of cacert.pem can be obtained from the official curl homepage. The curl maintainers ask that their site not be used as a primary download server. As such, we mirror date stamped copies of cacert.pem in the cacert-local repo in Artifactory.
To update the cacert.pem file installed by this cookbook:
- Download the latest date stamped cacert.pem file (ex.
cacert-2018-12-05.pem) from the official curl homepage. - Upload it to the cacert-local repo in Artifactory.
- Update
default['cacert']['pem_url']in attributes/default.rb. - Ensure the cookbook's TeamCity build passes.
- Fork the repository on GitHub.
- Create a named feature branch. (i.e.
add-new-module) - Write your change.
- Write tests for your change, if applicable.
- Run the tests, ensuring they all pass.
- Submit a pull request.
Author:: Changepoint Engineering ([email protected])