This is the command knife-ssl-check that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
knife-ssl-check - The man page for the knife ssl check subcommand.
The knife ssl check subcommand is used to verify the SSL configuration for the Enterprise
Chef and/or Open Source Chef servers, or at another location specified by a URL or URI.
WARNING:
When verification of a remote server's SSL certificate is disabled, the chef-client
will issue a warning similar to "SSL validation of HTTPS requests is disabled. HTTPS
connections are still encrypted, but the chef-client is not able to detect forged
replies or man-in-the-middle attacks." To configure SSL for the chef-client, set
ssl_verify_mode to :verify_peer (recommended) or verify_api_cert to true in the
client.rb file.
Syntax
This subcommand has the following syntax:
$ knife ssl check URI
Options
This subcommand has the following options:
-a SSH_ATTR, --attribute SSH_ATTR
The attribute that is used when opening the SSH connection. The default attribute
is the FQDN of the host. Other possible values include a public IP address, a
private IP address, or a hostname.
-A, --forward-agent
Use to enable SSH agent forwarding.
-c CONFIG_FILE, --config CONFIG_FILE
The configuration file to use.
-C NUM, --concurrency NUM
The number of allowed concurrent connections.
--chef-zero-port PORT
The port on which chef-zero will listen.
--[no-]color
Use to view colored output.
-d, --disable-editing
Use to prevent the $EDITOR from being opened and to accept data as-is.
--defaults
Use to have knife use the default value instead of asking a user to provide one.
-e EDITOR, --editor EDITOR
The $EDITOR that is used for all interactive commands.
-E ENVIRONMENT, --environment ENVIRONMENT
The name of the environment. When this option is added to a command, the command
will run only against the named environment.
-F FORMAT, --format FORMAT
The output format: summary (default), text, json, yaml, and pp.
-G GATEWAY, --ssh-gateway GATEWAY
The SSH tunnel or gateway that is used to run a bootstrap action on a machine that
is not accessible from the workstation.
-h, --help
Shows help for the command.
-i IDENTITY_FILE, --identity-file IDENTIFY_FILE
The SSH identity file used for authentication. Key-based authentication is
recommended.
-k KEY, --key KEY
The private key that knife will use to sign requests made by the API client to the
Chef server.
-m, --manual-list
Use to define a search query as a space-separated list of servers. If there is more
than one item in the list, put quotes around the entire list. For example:
--manual-list "server01 server 02 server 03"
--[no-]host-key-verify
Use --no-host-key-verify to disable host key verification. Default setting:
--host-key-verify.
OTHER The shell type. Possible values: interactive, screen, tmux, macterm, or cssh.
(csshx is deprecated in favor of cssh.)
-p PORT, --ssh-port PORT
The SSH port.
-P PASSWORD, --ssh-password PASSWORD
The SSH password. This can be used to pass the password directly on the command
line. If this option is not specified (and a password is required) knife will
prompt for the password.
--print-after
Use to show data after a destructive operation.
-s URL, --server-url URL
The URL for the Chef server.
SEARCH_QUERY
The search query used to return a list of servers to be accessed using SSH and the
specified SSH_COMMAND. This option uses the same syntax as the search sub-command.
SSH_COMMAND
The command that will be run against the results of a search query.
-u USER, --user USER
The user name used by knife to sign requests made by the API client to the Chef
server. Authentication will fail if the user name does not match the private key.
-v, --version
The version of the chef-client.
-V, --verbose
Set for more verbose outputs. Use -VV for maximum verbosity.
-x USER_NAME, --ssh-user USER_NAME
The SSH user name.
-y, --yes
Use to respond to all confirmation prompts with "Yes". knife will not ask for
confirmation.
-z, --local-mode
Use to run the chef-client in local mode. This allows all commands that work
against the Chef server to also work against the local chef-repo.
Examples
The following examples show how to use this knife subcommand:
Verify the SSL configuration for the Chef server
$ knife ssl check
Verify the SSL configuration for the chef-client
$ knife ssl check -c /etc/chef/client.rb
Verify an external server's SSL certificate
$ knife ssl check URL_or_URI
for example:
$ knife ssl check https://www.getchef.com
Use knife-ssl-check online using onworks.net services