Use v3 data bag encryption

Closes: #5819 Signed-off-by: Thom May <thom@chef.io>
author: Thom May <thom@chef.io> 2017-03-08 11:06:22 +0000
committer: Thom May <thom@chef.io> 2017-03-08 11:06:22 +0000
commit: b177cd4c67ffc7357f3c51538385b35458495184 (patch)
tree: e40970fcd001f1f38fef4b0b0a7c80f4fc7d70dc /chef-config/lib/chef-config
parent: d58ede971714682af48607b80379e428f39a156c (diff)
download: chef-b177cd4c67ffc7357f3c51538385b35458495184.tar.gz
1 files changed, 3 insertions, 6 deletions
diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb
index 3a55c8233d..bb516942df 100644
--- a/chef-config/lib/chef-config/config.rb
+++ b/chef-config/lib/chef-config/config.rb
@@ -606,13 +606,10 @@ module ChefConfig
       end
     end
 
-    # As of Chef 11.0, version "1" is the default encrypted data bag item
-    # format. Version "2" is available which adds encrypt-then-mac protection.
-    # To maintain compatibility, versions other than 1 must be opt-in.
+    # As of Chef 13.0, version "3" is the default encrypted data bag item
+    # format.
     #
-    # Set this to `2` if you have chef-client 11.6.0+ in your infrastructure.
-    # Set this to `3` if you have chef-client 11.?.0+, ruby 2 and OpenSSL >= 1.0.1 in your infrastructure. (TODO)
-    default :data_bag_encrypt_version, 1
+    default :data_bag_encrypt_version, 3
 
     # When reading data bag items, any supported version is accepted. However,
     # if all encrypted data bags have been generated with the version 2 format,
author	Thom May <thom@chef.io>	2017-03-08 11:06:22 +0000
committer	Thom May <thom@chef.io>	2017-03-08 11:06:22 +0000
commit	b177cd4c67ffc7357f3c51538385b35458495184 (patch)
tree	e40970fcd001f1f38fef4b0b0a7c80f4fc7d70dc /chef-config/lib/chef-config
parent	d58ede971714682af48607b80379e428f39a156c (diff)
download	chef-b177cd4c67ffc7357f3c51538385b35458495184.tar.gz