Ask Your Question
3

Generate self-signed SSL certificates for http servers server

asked 2014-03-13 10:55:17 -0500

seocam gravatar image

updated 2014-03-13 10:57:16 -0500

I'm looking for a way to generate self-signed SSL certificates and respective keys using Puppet.

I've found this module that was supposed to do what I need: https://github.com/camptocamp/puppet-openssl

Before trying this module I started to wonder if I couldn't do that using Puppet by itself. This seems reasonable to me because Puppet doesn't generate SSL certificates and keys in order to identify nodes to master but I couldn't find any one talking about using this features inside a manifest.

edit retag flag offensive close merge delete

3 Answers

Sort by ยป oldest newest most voted
4

answered 2015-01-06 19:50:11 -0500

timhughes gravatar image

If you don't want a new module something similar to this should work

exec {'create_self_signed_sslcert':
  command => "openssl req -newkey rsa:2048 -nodes -keyout ${::fqdn}.key  -x509 -days 365 -out ${::fqdn}.crt -subj '/CN=${::fqdn}'"
  cwd     => $certdir,
  creates => [ "${certdir}/${::fqdn}.key", "${certdir}/${::fqdn}.crt", ],
  path    => ["/usr/bin", "/usr/sbin"]
}
edit flag offensive delete link more

Comments

Nice - that just works perfect!

Vishal gravatar imageVishal ( 2015-06-07 11:55:49 -0500 )edit
1

answered 2014-03-13 14:45:27 -0500

Ancillas gravatar image

There is not a native way to do this in Puppet. The link you posted seems like a good solution - using custom providers.

edit flag offensive delete link more
0

answered 2015-06-12 01:30:37 -0500

harshal gravatar image

Please add a comma after the "command => ...." line , so anyone can copy-paste it directly :)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-03-13 10:55:17 -0500

Seen: 2,845 times

Last updated: Mar 13 '14