16.147. cdist-type__snakeoil_cert(7)¶
16.147.1. NAME¶
cdist-type__snakeoil_cert - Generate self-signed certificate
16.147.2. DESCRIPTION¶
The purpose of this type is to generate self-signed certificate and private key for testing purposes. Certificate will expire in 3650 days.
Certificate's and key's access bits will be 644
and 640
respectively.
If target system has ssl-cert
group, then it will be used as key's group.
Use require='__snakeoil_cert/...' __file ...
to override.
16.147.3. OPTIONAL PARAMETERS¶
- common-name
Defaults to
$__object_id
.- key-path
%s
in path will be replaced with$__object_id
. Defaults to/etc/ssl/private/%s.pem
.- key-type
Possible values are
rsa:$bits
andec:$name
. For possible EC names seeopenssl ecparam -list_curves
. Defaults torsa:2048
.- cert-path
%s
in path will be replaced with$__object_id
. Defaults to/etc/ssl/certs/%s.pem
.
16.147.4. EXAMPLES¶
__snakeoil_cert localhost-rsa \
--common-name localhost \
--key-type rsa:4096
__snakeoil_cert localhost-ec \
--common-name localhost \
--key-type ec:prime256v1
16.147.5. AUTHORS¶
Ander Punnar <ander-at-kvlt-dot-ee>
16.147.6. COPYING¶
Copyright (C) 2021 Ander Punnar. You can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.