OnWorks favicon

knife-ssl-fetch - Online in the Cloud

Run knife-ssl-fetch in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command knife-ssl-fetch that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator



knife-ssl-fetch - The man page for the knife ssl fetch subcommand.

The knife ssl fetch subcommand is used to copy SSL certificates from an HTTPS server to
the trusted_certs_dir directory that is used by knife and the chef-client to store trusted
SSL certificates. When these certificates match the hostname of the remote server, running
knife ssl fetch is the only step required to verify a remote server that is accessed by
either knife or the chef-client.

It is the user's responsibility to verify the authenticity of every SSL certificate
before downloading it to the trusted_certs_dir directory. knife will use any
certificate in that directory as if it is a 100% trusted and authentic SSL certificate.
knife will not be able to determine if any certificate in this directory has been
tampered with, is forged, malicious, or otherwise harmful. Therefore it is essential
that users take the proper steps before downloading certificates into this directory.


This subcommand has the following syntax:

$ knife ssl fetch URI_FOR_HTTPS_SERVER


This subcommand has the following options:

-a SSH_ATTR, --attribute SSH_ATTR
The attribute that is used when opening the SSH connection. The default attribute
is the FQDN of the host. Other possible values include a public IP address, a
private IP address, or a hostname.

-A, --forward-agent
Use to enable SSH agent forwarding.

The configuration file to use.

-C NUM, --concurrency NUM
The number of allowed concurrent connections.

--chef-zero-port PORT
The port on which chef-zero will listen.

Use to view colored output.

-d, --disable-editing
Use to prevent the $EDITOR from being opened and to accept data as-is.

Use to have knife use the default value instead of asking a user to provide one.

-e EDITOR, --editor EDITOR
The $EDITOR that is used for all interactive commands.

The name of the environment. When this option is added to a command, the command
will run only against the named environment.

-F FORMAT, --format FORMAT
The output format: summary (default), text, json, yaml, and pp.

-G GATEWAY, --ssh-gateway GATEWAY
The SSH tunnel or gateway that is used to run a bootstrap action on a machine that
is not accessible from the workstation.

-h, --help
Shows help for the command.

The SSH identity file used for authentication. Key-based authentication is

-k KEY, --key KEY
The private key that knife will use to sign requests made by the API client to the
Chef server.

-m, --manual-list
Use to define a search query as a space-separated list of servers. If there is more
than one item in the list, put quotes around the entire list. For example:
--manual-list "server01 server 02 server 03"

Use --no-host-key-verify to disable host key verification. Default setting:

OTHER The shell type. Possible values: interactive, screen, tmux, macterm, or cssh.
(csshx is deprecated in favor of cssh.)

-p PORT, --ssh-port PORT
The SSH port.

-P PASSWORD, --ssh-password PASSWORD
The SSH password. This can be used to pass the password directly on the command
line. If this option is not specified (and a password is required) knife will
prompt for the password.

Use to show data after a destructive operation.

-s URL, --server-url URL
The URL for the Chef server.

The search query used to return a list of servers to be accessed using SSH and the
specified SSH_COMMAND. This option uses the same syntax as the search sub-command.

The command that will be run against the results of a search query.

-u USER, --user USER
The user name used by knife to sign requests made by the API client to the Chef
server. Authentication will fail if the user name does not match the private key.

-v, --version
The version of the chef-client.

-V, --verbose
Set for more verbose outputs. Use -VV for maximum verbosity.

-x USER_NAME, --ssh-user USER_NAME
The SSH user name.

-y, --yes
Use to respond to all confirmation prompts with "Yes". knife will not ask for

-z, --local-mode
Use to run the chef-client in local mode. This allows all commands that work
against the Chef server to also work against the local chef-repo.


The following examples show how to use this knife subcommand:

Fetch the SSL certificates used by Knife from the Chef server

$ knife ssl fetch

Fetch the SSL certificates used by the chef-client from the Chef server

$ knife ssl fetch -c /etc/chef/client.rb

Fetch SSL certificates from a URL or URI

$ knife ssl fetch URL_or_URI

for example:

$ knife ssl fetch https://www.getchef.com

Use knife-ssl-fetch online using onworks.net services

Free Servers & Workstations

Download Windows & Linux apps

  • 1
    NSIS: Nullsoft Scriptable Install System
    NSIS: Nullsoft Scriptable Install System
    NSIS (Nullsoft Scriptable Install
    System) is a professional open source
    system to create Windows installers. It
    is designed to be as small and flexible
    as possi...
    Download NSIS: Nullsoft Scriptable Install System
  • 2
    AuthPass is an open source password
    manager with support for the popular and
    proven Keepass (kdbx 3.x AND kdbx 4.x ...
    Download authpass
  • 3
    Zabbix is an enterprise-class open
    source distributed monitoring solution
    designed to monitor and track
    performance and availability of network
    servers, device...
    Download Zabbix
  • 4
    This repository is no longer maintained
    and is kept for archival purposes. See
    https://invent.kde.org/sdk/kdiff3 for
    the newest code and
    Download KDiff3
  • 5
    USBLoaderGX is a GUI for
    Waninkoko's USB Loader, based on
    libwiigui. It allows listing and
    launching Wii games, Gamecube games and
    homebrew on Wii and WiiU...
    Download USBLoaderGX
  • 6
    Firebird RDBMS offers ANSI SQL features
    & runs on Linux, Windows &
    several Unix platforms. Features
    excellent concurrency & performance
    & power...
    Download Firebird
  • More »

Linux commands