####Table of Contents
##Overview
This small ssl module creates a self signed ssl certificate. It can also create DH parameters.
Written for Puppet >= 3.4.0.
##Module Description
See Overview for now.
##Setup
###What Ssl affects
- Creation of ssl certificates with openssl.
- Creation of DH Parameters.
###Setup Requirements
Nothing.
###Beginning with Ssl
Simply include it and you will get a simple self signed certificate for your $::fqdn in /etc/ssl.
##Usage
Just include the module by
include sslIf you want to create more certificates or have special configurations to do, use the define:
ssl::self_signed_certficate { $::fqdn:
common_name => $::fqdn,
email_address => 'root@example.de',
country => 'DE',
organization => 'Example GmbH',
days => 730,
directory => '/etc/ssl/web',
subject_alt_name => "DNS:*.${::domain}, DNS:${::domain}",
}For the creation of DH parameters, look at the defined type generate_dh_key.
##Limitations:
Debian and RedHat like systems. Tested on:
- Debian 7
- Ubuntu 12.04
- Centos 6.x
Puppet Version >= 3.4.0, due to specific hiera usage.
##TODOs:
- Allow for shipped keys.
- Allow different key types (rsa, dsa, ecdsa).
- Allow for passwords.
- ... suggestions?