Forge Home


Install and configure EJBCA


507 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.3.0 (latest)
  • 0.2.0
  • 0.1.2
  • 0.1.1
  • 0.1.0
released Apr 2nd 2022
This version is compatible with:
  • Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 8.0.0

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'gerardkok-ejbca', '0.3.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add gerardkok-ejbca
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install gerardkok-ejbca --version 0.3.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



gerardkok/ejbca — version 0.3.0 Apr 2nd 2022


Table of Contents

  1. Description
  2. Setup - The basics of getting started with ejbca
  3. Usage - Configuration options and additional functionality
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.


This module installs. configures, and (partly) manages an EJBCA installation. EJBCA is an open-source Certificate Authority.

The module manages both the installation and configuration EJBCA, and provides a custom type that allows for managing end entities, using the SOAP API.


What ejbca affects

EJBCA runs on a JEE5 compliant Java application server (see This module uses the biemond/wildfly module, which limits the choice to JBoss or Wildfly.

EJBCA stores its data in a database (see the file conf/ from the distribution for a list). This module can handle installation of the database driver, but does not manage the database.

Setup Requirements

Previous versions of EJBCA required an instance with 2 CPUs. I can't find that requirement anymore, so I'm not sure it still holds. However, if you're having trouble installing EJBCA using this module, consider trying installing it on a bigger instances, with (at least) 2 CPUs.

A Java version that's compatible with EJBCA's version has to be installed before EJBCA can be installed.

Beginning with ejbca

Minimal usage:

include ejbca

This installs the current open-source version of EJBCA with the default configuration:

  • database: H2
  • organization: 'EJBCA Sample'
  • country: 'SE'


This module does not manage the database.




In general, if you want to change a setting, it's best to start over entirely. Also, this module does not support automatic upgrading from one database to another, or from one application server to another, or to a newer version of EJBCA.

This module had only been tested on Ubuntu 16.04 and 18.04.