spuder
Reputation: 18447
Chef 11 Regenerate validation key
I can't get my nodes setup, so I am going to try and regenerate my validator key. The instructions to regenerate the key for the old chef 10 is located here
I've tried deleting /etc/chef-server/-validator.pem and restarting the server. I expect the key to be regenerated, but so far it hasn't been recreated.
Here are the steps for chef 10 I am trying to translate to chef 11.
$ ls -l /etc/chef/validation.pem
-rw-r--r-- 1 root root 1676 2011-07-14 11:44 /etc/chef/validation.pem
$ sudo rm /etc/chef/validation.pem
$ sudo /etc/init.d/chef-server restart
* Restarting chef-server
~ Killing pid 10783 with INT
~ In 12051
...done.
$ ls -l /etc/chef/validation.pem
-rw------- 1 chef chef 1679 2011-07-14 11:55 /etc/chef/validation.pem
Here are my steps for chef 11(not working) I have sanitized my company name to read ""
ls -l /etc/chef-server/<myOrg>-validation.pem
sudo rm /etc/chef-server/<myOrg>-validation.pem
sudo chef-server-ctl restart
ls -l /etc/chef-server/<myOrg>-validation.pem
ls: cannot access <myOrg>-validation.pem: No such file or directory
Upvotes: 2
Views: 5758
Answers (1)
Patrick Gardella
Reputation: 4451
Use the webui as an admin. Edit the client "chef-validator" and check the box for "Regenerate Private Key". Then copy/paste it into /etc/chef-server/chef-validator.pem and everywhere else you need it.
Upvotes: 5
Related Questions
- Chef clients and validators
- Any way to generate and get validation key from chef server?
- Chef: modify existing resource
- Chef chef-validator.pem security
- Chef server password reset
- Validatorless Bootstraps in chef 12.2.0
- Change default validation_client_name on chef-client to "orgname-validator"
- Chef, override attribute
- Chef update config file
- Is there a non-interactive way to regenerate OSS chef 11 validator key?