tlsfiles

Transport Layer Security (TLS) Files

Matthias Saou

thias

19,787 downloads

4,356 latest version

5.0 quality score

Version information

  • 1.0.4 (latest)
  • 1.0.3
  • 1.0.2
  • 1.0.1
  • 1.0.0
  • 0.3.0
  • 0.2.0
released Jan 21st 2019
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >=2.7.20 < 7.0.0
  • RedHat
    ,
    CentOS
    ,
    Debian
    ,
    Ubuntu

Start using this module

Tags: ssl, tls, https

Documentation

thias/tlsfiles — version 1.0.4 Jan 21st 2019

puppet-tlsfiles

Overview

This module is used to manage Private Key Infrastructure (PKI) Transport Layer Security (TLS) files. Typically these are Secure Socket Layer (SSL) X.509 private keys and certificates.

The module supports installing intermediate certificates as well as optionally joining keys and certificates into single files.

  • tlsfiles : Manage key and certificate

Parameters

  • $crtpath = '/etc/pki/tls/certs'
  • $keypath = '/etc/pki/tls/private'
  • $crtmode = '0644'
  • $keymode = '0600'
  • $owner = 'root'
  • $group = 'root'
  • $intcert = false
  • $intjoin = false
  • $pem = false
  • $srcdir = 'tlsfiles'
  • $crtdir = 'crt'
  • $keydir = 'key'
  • crtname = "${title}.crt"
  • keyname = "${title}.key"

Examples

To install keys and certificates present under :

  • mymodulename/templates/tlsfiles/crt/www.example.com.crt
  • mymodulename/templates/tlsfiles/key/www.example.com.key
  • mymodulename/templates/tlsfiles/crt/IntermediateCA.crt

In site.pp to centralize all of your files :

Tlsfiles { srcdir => 'mymodulename/tlsfiles' }

Install key and certificate files to the default locations :

tlsfiles { 'www.example.com': }

Install a PEM file containing key and certificate to a custom location (it will be called www.example.com.pem) :

tlsfiles { 'www.example.com':
  keypath => '/etc/foo',
  pem     => true,
}

The same as the above, but including the intermediate CA certificate :

tlsfiles { 'www.example.com':
  keypath => '/etc/foo',
  intcert => 'IntermediateCA',
  pem     => true,
}