diff options
| -rw-r--r-- | cspell.json | 1 | ||||
| -rw-r--r-- | kitchen-tests/test/integration/end-to-end/_openssl.rb | 6 | ||||
| -rw-r--r-- | lib/chef/resource/openssl_x509_certificate.rb | 2 |
3 files changed, 8 insertions, 1 deletions
diff --git a/cspell.json b/cspell.json index 4c974d6a80..66c26b91d6 100644 --- a/cspell.json +++ b/cspell.json @@ -27,6 +27,7 @@ "ADMINI", "adminonly", "advapi", + "Afile", "Afonov", "agrs", "airgapped", diff --git a/kitchen-tests/test/integration/end-to-end/_openssl.rb b/kitchen-tests/test/integration/end-to-end/_openssl.rb new file mode 100644 index 0000000000..c68889f3bb --- /dev/null +++ b/kitchen-tests/test/integration/end-to-end/_openssl.rb @@ -0,0 +1,6 @@ +# Reference recipes/_openssl.rb test to 'generate and sign a certificate with the CA' +# This ensures that the generated certificate is valid. +describe command("/opt/chef/embedded/bin/openssl verify -CAfile /etc/ssl_test/my_ca.crt /etc/ssl_test/my_signed_cert.crt") do + its("stdout") { should match /my_signed_cert.*OK/ } + its("stderr") { should be_empty } +end diff --git a/lib/chef/resource/openssl_x509_certificate.rb b/lib/chef/resource/openssl_x509_certificate.rb index a6e0eb97f2..8d5ca2b9fa 100644 --- a/lib/chef/resource/openssl_x509_certificate.rb +++ b/lib/chef/resource/openssl_x509_certificate.rb @@ -226,7 +226,7 @@ class Chef end def ca_private_key - if new_resource.csr_file.nil? + if new_resource.ca_key_file.nil? key else OpenSSL::PKey.read ::File.read(new_resource.ca_key_file), new_resource.ca_key_pass |