Method: Chef::SslCertificateCookbook::ServiceHelpers#ssl_config_for_service

Defined in:: libraries/service_helpers.rb

#ssl_config_for_service(service) ⇒ `Hash`

Returns the recommended SSL configuration for a specific service.

You can create your own service specific configurations creating service subkeys under node['ssl_certificate']['service'].

default['ssl_certificate']['service'][:modern]['postfix']['protocols'] =
  'TLSv1.1, TLSv1.2'

By default, comes with configurations for 'apache' and 'nginx'. Will return default configuration for others ([#default_ssl_config]).

Examples:

ssl_config_for_service('apache')
#=> {"use_hsts"=>true, "use_stapling"=>true,
#    "description"=>"Modern compatibility: ...",
#    "cipher_suite"=>"...", "protocols"=>"all -SSLv2 -SSLv3 -TLSv1"}

Parameters:

service (String) —
service name.

Returns:

(Hash) —
SSL specific configuration.

See Also:

#default_ssl_config

# File 'libraries/service_helpers.rb', line 185

def ssl_config_for_service(service)
  config = default_ssl_config
  config_service = ssl_config_service(config, service)
  ssl_config_merge!(config, config_service)
end

Method: Chef::SslCertificateCookbook::ServiceHelpers#ssl_config_for_service

#ssl_config_for_service(service) ⇒ Hash

#ssl_config_for_service(service) ⇒ `Hash`