Puppet Plan: cd4peadm::regen_certificates

Defined in:
plans/regen_certificates.pp

Summary

Generate new browser certificates from current configuration

Overview

This plan will generate new certificates and save them to Hiera, using the resolvable hostnamespecified in your current Hiera config. When it completes, use the ‘cd4peadm::apply_configuration` plan to upload the new certs to your CD4PE install.

Parameters:

  • hiera_data_file_path (String) (defaults to: 'data/common.yaml')
  • pkcs7_public_key_path (String) (defaults to: 'keys/public_key.pkcs7.pem') 


6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
# File 'plans/regen_certificates.pp', line 6

plan cd4peadm::regen_certificates(
  String $hiera_data_file_path = 'data/common.yaml',
  String $pkcs7_public_key_path = 'keys/public_key.pkcs7.pem',
) {
  run_plan('cd4peadm::check_bolt_version')

  # We need to load the config in the Hiera structure so that we can write it
  # back out to the yaml file once we've updated the certs.
  $hiera_config = loadyaml($hiera_data_file_path)
  $old_config = $hiera_config['cd4peadm::config']
  out::message("Regenerating browser certificates with hostname ${old_config['resolvable_hostname']}.")
  cd4peadm::write_new_certs_to_hiera(
    $old_config,
    $hiera_data_file_path,
    $pkcs7_public_key_path
  )
  out::message('Run the `cd4peadm::apply_configuration` plan to upload the new certs to your CD4PE install.')
}