- Description - What does the module do?
- Setup - The basics of getting started with mongodb
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
The ca_cert module tries to provide a simple way to manage Certificate Authority (CA) certificates on a Linux system.
On supported OSes custom and OS default CAs can be managed by using the defined type ca_cert::ca. The ca_cert class could be realized to costomize how this module manages the certificates.
ca_cert::ca { 'myorg_ca':
source => 'https://ca.myorg.com/myorg_ca.pem',
}---
ca_cert::ca_certs:
'myorg_ca':
source: 'https://ca.myorg.com/myorg_ca.pem'include ca_certDistrusting OS default CAs is handled differently by different OS families. On Debian/Ubuntu like OSes that support distrusting by using a configuration file the certificate content is not needed. Simply use
ca_cert::ca { 'DigiCert_Global_Root_G3':
ensure => 'distrusted',
}On RedHat like OSes that use a folder to manage distrusted default CAs, the certificate source or content has to be provided as well
ca_cert::ca { 'DigiCert_Global_Root_G3':
ensure => 'distrusted',
source => 'https://cacerts.digicert.com/DigiCertGlobalRootG3.crt.pem',
}class { 'ca_cert':
purge_unmanaged_CAs => true,
ca_certs => {
....
}
}This module has been tested on operating systems in metadata.json
This module is maintained by Vox Pupuli. Voxpupuli welcomes new contributions to this module, especially those that include documentation and rspec tests. We are happy to provide guidance if necessary.
Please see CONTRIBUTING for more details.
This module was originally authored by Phil Fenstermacher. The maintainer preferred that Puppet Community take ownership of the module for future improvement and maintenance. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead.
Previously: https://github.com/pcfens/puppet-ca_cert
