14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# File 'manifests/export/pem_cert.pp', line 14
define openssl::export::pem_cert (
Enum['present', 'absent'] $ensure = present,
Stdlib::Absolutepath $pem_cert = $title,
Optional[Stdlib::Absolutepath] $pfx_cert = undef,
Optional[Stdlib::Absolutepath] $der_cert = undef,
Optional[String] $in_pass = undef,
) {
#local variables
# If ensure = present and der_cert and $pfx_cert as being specified, then throw error
if $ensure == present and !$der_cert and !$pfx_cert {
fail('Parameter Error: either pfx_cert or der_cert must be specified')
}
if $der_cert and $pfx_cert {
fail('Parameter Error: pfx_cert and der_cert are mutually-exclusive')
}
if $der_cert {
$sslmodule = 'x509'
$in_cert = $der_cert
$module_opt = '-inform DER'
} else {
$sslmodule = 'pkcs12'
$in_cert = $pfx_cert
$module_opt = ''
}
$passin_opt = $in_pass ? {
undef => '',
default => "-nokeys -passin pass:'${in_pass}'",
}
if $ensure == 'present' {
$cmd = [
"openssl ${sslmodule}",
$module_opt,
"-in ${in_cert}",
"-out ${pem_cert}",
$passin_opt,
]
exec { "Export ${in_cert} to ${pem_cert}":
command => inline_template('<%= @cmd.join(" ") %>'),
path => $facts['path'],
creates => $pem_cert,
}
} else {
file { $pem_cert:
ensure => absent,
}
}
}
|