Defined Type: openssl::config

Defined in:
manifests/config.pp

Summary

Generates an openssl.conf file using defaults

Overview

Examples:

basic usage

openssl::config {'/path/to/openssl.conf':
  ensure       => 'present',
  commonname   => 'somewhere.org',
  country      => 'mycountry',
  organization => 'myorg',
}

Parameters:

  • ensure (Enum['absent','present']) (defaults to: 'present')

    ensure parameter for configfile; defaults to present

  • commonname (Optional[Variant[String[1], Array[String[1]]]]) (defaults to: undef)

    commonname for config file

  • country (Optional[String[1]]) (defaults to: undef)

    value for country

  • organization (Optional[String[1]]) (defaults to: undef)

    value for organization

  • owner (Variant[String[1],Integer]) (defaults to: 'root')

    owner for the configuration file

  • group (Variant[String[1],Integer]) (defaults to: 'root')

    group for the configuration file

  • mode (Stdlib::Filemode) (defaults to: '0640')

    mode for the configuration file

  • state (Optional[String[1]]) (defaults to: undef)

    value for state

  • locality (Optional[String[1]]) (defaults to: undef)

    value for locality

  • unit (Optional[String[1]]) (defaults to: undef)

    value for unit

  • email (Optional[String[1]]) (defaults to: undef)

    value for email

  • default_bits (Integer) (defaults to: 4096)

    key size to generate

  • default_md (String[1]) (defaults to: 'sha512')

    message digest to use

  • default_keyfile (String[1]) (defaults to: 'privkey.pem')

    name for the keyfile

  • basicconstraints (Array) (defaults to: [])

    version 3 certificate extension basic constraints

  • extendedkeyusages (Array) (defaults to: [])

    version 3 certificate extension extended key usage

  • keyusages (Array) (defaults to: [])

    version 3 certificate extension key usage

  • subjectaltnames (Array) (defaults to: [])

    version 3 certificate extension for alternative names currently supported are IP (v4) and DNS



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'manifests/config.pp', line 49

define openssl::config (
  Enum['absent','present']                       $ensure            = 'present',
  Variant[String[1],Integer]                     $owner             = 'root',
  Variant[String[1],Integer]                     $group             = 'root',
  Stdlib::Filemode                               $mode              = '0640',
  Optional[Variant[String[1], Array[String[1]]]] $commonname        = undef,
  Optional[String[1]]                            $country           = undef,
  Optional[String[1]]                            $organization      = undef,
  Optional[String[1]]                            $state             = undef,
  Optional[String[1]]                            $locality          = undef,
  Optional[String[1]]                            $unit              = undef,
  Optional[String[1]]                            $email             = undef,
  Integer                                        $default_bits      = 4096,
  String[1]                                      $default_md        = 'sha512',
  String[1]                                      $default_keyfile   = 'privkey.pem',
  Array                                          $basicconstraints  = [],
  Array                                          $extendedkeyusages = [],
  Array                                          $keyusages         = [],
  Array                                          $subjectaltnames   = [],
) {
  file { $name:
    ensure  => $ensure,
    owner   => $owner,
    group   => $group,
    mode    => $mode,
    content => epp('openssl/cert.cnf.epp',
      {
        commonname        => $commonname,
        country           => $country,
        state             => $state,
        locality          => $locality,
        organization      => $organization,
        unit              => $unit,
        email             => $email,
        default_bits      => $default_bits,
        default_md        => $default_md,
        default_keyfile   => $default_keyfile,
        basicconstraints  => $basicconstraints,
        extendedkeyusages => $extendedkeyusages,
        keyusages         => $keyusages,
        subjectaltnames   => $subjectaltnames,
      },
    ),
    tag     => 'openssl-configs',
  }
}