Manage Java keystore and certificates - Puppet 3

asked 2018-04-17 13:31:40 -0600

grahamking gravatar image


I am looking to use Puppet to convert a certificate created by a Windows CA to be used on Linux with Tomcat. I then want to place it in a Java keystore and check if the cert is updated and replace the certificate in the store if required. Has anyone achieved anything similar without using the puppetlabs/java_ks as I am limited to using Puppet 3?

The way that I was thinking of doing this is by placing the cert in an eyaml file to create the cert in a directory and then use an exec to run openssl to convert the cert, keytool to place it in the store. I then thought using the refresh attribute to check when the file is changed? I am quite new to Puppet so if anyone has any better suggestions one how to do this it would be appreciated.



edit retag flag offensive close merge delete



I don't see why you can't use puppetlabs/java_ks with puppet 3, you just need to get an older version of the module. You can use a pre 2.0 version ( ) and it will work fine with puppet3

DarylW gravatar imageDarylW ( 2018-04-18 08:33:41 -0600 )edit

Thanks DarylW, I will give this a try. I was under the impression that it was only for Puppet 4.

grahamking gravatar imagegrahamking ( 2018-04-20 04:14:07 -0600 )edit