Certificate Cookbook

April 13, 2026 ยท View on GitHub

Cookbook Version CI State OpenCollective OpenCollective License

Description

This cookbook automates the management of X.509 certificates, private keys, and CA root bundles. It provides a powerful and flexible certificate_manage resource to fetch data from Chef Data Bags (encrypted or unencrypted) or direct plaintext input.

Requirements

  • Chef Infra Client: >= 15.3 (Required for unified_mode)

Resources

certificate_manage

The primary resource for managing certificate files on disk.

certificate_manage 'my_site' do
  data_bag 'my_certs'
  data_bag_type 'encrypted'
  owner 'www-data'
  group 'www-data'
end

See the resource documentation for full details and examples!

Usage

This cookbook is designed to be used as a dependency in your own cookbooks. Add depends 'certificate' to your metadata.rb and use the certificate_manage resource.

Contributors

This project exists thanks to all the people who contribute.

Backers

Thank you to all our backers!

https://opencollective.com/sous-chefs#backers

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website.

https://opencollective.com/sous-chefs/sponsor/0/website