Uploading ssl certificate with puppet

TuxInvader / Puppet-Brocade-vTM

Brocade vTM (Virtual Traffic Manager) Puppet Module

MIT License

11 stars 4 forks source link

Uploading ssl certificate with puppet #7

Open tenajsystems opened 7 years ago

tenajsystems commented 7 years ago

Is there a way to upload ssl certs into brocade-vTM using the certificate and key file itself as to using the contents of the cert and key file?

TuxInvader commented 7 years ago

Not currently. The certificates need to be converted into a string which the REST API will accept. I use sed to do this using: sed -E ':a;N;$!ba;s/\r*\n/\\n/g' <file>

tenajsystems commented 7 years ago

Is this a feature that will be coming soon?

TuxInvader commented 7 years ago

Sure, I'll consider this a Feature Request ;-)

tenajsystems commented 6 years ago

@TuxInvader Would you by any chance know which directory ssl certs are uploaded to when you upload a cert for the Admin Server by going to System > Security > SSL Certiticate. I am looking into managing this with puppet. Also, how do i upload intermediate certs into the brocade catalog using the module?

TuxInvader commented 6 years ago

@tenajsystems I believe you just concatenate the inters with the certificate in the same file.

The files on disk are in $ZEUSHOME/zxtm/conf/ssl/server_keys/ named <certname>.public and <certname>.private

There is also an entry for them in /usr/local/zeus/zxtm/conf/ssl/server_keys_config. Eg:

Example-Cert!public %zeushome%/zxtm/conf/ssl/server_keys/Example-Cert.public
Example-Cert!private    %zeushome%/zxtm/conf/ssl/server_keys/Example-Cert.private
Example-Cert!request    %zeushome%/zxtm/conf/ssl/server_keys/Example-Cert.request
Example-Cert!createdvia software
Example-Cert!protection software
Example-Cert!managed    yes
Example-Cert!note

Editing these files manually is not a supported mechanism for making changes though, so be careful!!

Any changes you do make will need to be replicated through the cluster by executing $ZEUSHOME/zxtm/bin/replicate_config

tenajsystems commented 6 years ago

@TuxInvader, isn't that only applicable to the ssl certs that gets uploaded in to the Catalog (Catalog > SSL > SSl Server Certificates catalog)?

I am referring to System > Security > SSL Certificate? which is for the Admin Server url

TuxInvader commented 6 years ago

@tenajsystems Those keys are in the admin directory: $ZEUSHOM/admin/etc/

tenajsystems commented 6 years ago

@TuxInvader, is there a way to also upload Intermediate Certificate with the ssl certs that you upload using this class brocadevtm::ssl_server_keys?