X509 Cert management

[Alex Samad]

Hi

I want to manage CA certs on Centos boxes and also in JVM's

I found 

https://forge.puppet.com/camptocamp/openssl ... not realy what i want

and

https://forge.puppet.com/pcfens/ca_cert

looks better.

If I was to extend to manage java certs.

this is my script 

/usr/java/jdk1.6.0_30/bin/keytool -keystore /usr/java/jdk1.6.0_30/jre/lib/security/cacerts -importcert -noprompt -alias CA512 -file /etc/pki/ca-trust/source/anchors/ca512.crt  -storepass changeit

how would I write this into puppet ?

I was thinking i can provide an array of locations where java is installed, then I can can find the keytool and the certstore.  But how to I run a command on the client machine.

Better still how do I make sure it doesn't run all the time - every invoke ?

A

[Lowe Schmidt]

There is also https://forge.puppet.com/puppetlabs/java_ks maybe it fits better with what you want to do ?

--

Lowe Schmidt | +46 723 867 157

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ee6cc9fd-1608-43fd-a809-d1ac64f0f45e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Alex Samad]

awesome

On 23 August 2016 at 17:43, Lowe Schmidt <m...@loweschmidt.se> wrote:
> There is also https://forge.puppet.com/puppetlabs/java_ks maybe it fits
> better with what you want to do ?
>
> --
> Lowe Schmidt | +46 723 867 157
>

[snip]