diff options
author | Tim Smith <tsmith84@gmail.com> | 2020-09-15 20:17:26 -0700 |
---|---|---|
committer | Tim Smith <tsmith84@gmail.com> | 2020-09-15 20:17:26 -0700 |
commit | 8060a480d841234beae68fdd0b4c1ccab9bcd16a (patch) | |
tree | 35f70a300bedff20b6e4fc05db09591175945165 /lib | |
parent | 6b7122ba18efe97cfc9d77608805ce6dcce13544 (diff) | |
download | chef-8060a480d841234beae68fdd0b4c1ccab9bcd16a.tar.gz |
Update openssl_x509_crl examples
Signed-off-by: Tim Smith <tsmith@chef.io>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/chef/resource/openssl_x509_crl.rb | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/lib/chef/resource/openssl_x509_crl.rb b/lib/chef/resource/openssl_x509_crl.rb index 7bc96fa4da..6e7f905084 100644 --- a/lib/chef/resource/openssl_x509_crl.rb +++ b/lib/chef/resource/openssl_x509_crl.rb @@ -31,15 +31,24 @@ class Chef description "Use the **openssl_x509_crl** resource to generate PEM-formatted x509 certificate revocation list (CRL) files." introduced "14.4" examples <<~DOC - Generate a CRL file given a cert file and key file + **Create a certificate revocation file** - ```ruby - openssl_x509_crl '/etc/ssl_files/my_ca2.crl' do - ca_cert_file '/etc/ssl_files/my_ca2.crt' - ca_key_file '/etc/ssl_files/my_ca2.key' - expire 1 - end - ``` + ```ruby + openssl_x509_crl '/etc/ssl_test/my_ca.crl' do + ca_cert_file '/etc/ssl_test/my_ca.crt' + ca_key_file '/etc/ssl_test/my_ca.key' + end + ``` + + **Create a certificate revocation file for a particular serial** + + ```ruby + openssl_x509_crl '/etc/ssl_test/my_ca.crl' do + ca_cert_file '/etc/ssl_test/my_ca.crt' + ca_key_file '/etc/ssl_test/my_ca.key' + serial_to_revoke C7BCB6602A2E4251EF4E2827A228CB52BC0CEA2F + end + ``` DOC property :path, String, @@ -62,11 +71,11 @@ class Chef default: 1 property :ca_cert_file, String, - description: "The path to the CA X509 Certificate on the filesystem. If the ca_cert_file property is specified, the ca_key_file property must also be specified, the CRL will be signed with them.", + description: "The path to the CA X509 Certificate on the filesystem. If the `ca_cert_file` property is specified, the `ca_key_file` property must also be specified, the CRL will be signed with them.", required: true property :ca_key_file, String, - description: "The path to the CA private key on the filesystem. If the ca_key_file property is specified, the ca_cert_file property must also be specified, the CRL will be signed with them.", + description: "The path to the CA private key on the filesystem. If the `ca_key_file` property is specified, the `ca_cert_file` property must also be specified, the CRL will be signed with them.", required: true property :ca_key_pass, String, |