Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Uploading ssl certificate with puppet #7

Open
tenajsystems opened this issue Sep 26, 2017 · 8 comments
Open

Uploading ssl certificate with puppet #7

tenajsystems opened this issue Sep 26, 2017 · 8 comments

Comments

@tenajsystems
Copy link

Is there a way to upload ssl certs into brocade-vTM using the certificate and key file itself as to using the contents of the cert and key file?
@TuxInvader
Copy link
Owner

Not currently. The certificates need to be converted into a string which the REST API will accept. I use sed to do this using: sed -E ':a;N;$!ba;s/\r*\n/\\n/g' <file>

@tenajsystems
Copy link
Author

Is this a feature that will be coming soon?

@TuxInvader
Copy link
Owner

Sure, I'll consider this a Feature Request ;-)

@tenajsystems
Copy link
Author

tenajsystems commented Nov 13, 2017
edited
Loading

@TuxInvader Would you by any chance know which directory ssl certs are uploaded to when you upload a cert for the Admin Server by going to System > Security > SSL Certiticate. I am looking into managing this with puppet. Also, how do i upload intermediate certs into the brocade catalog using the module?

@TuxInvader
Copy link
Owner

TuxInvader commented Nov 14, 2017
edited
Loading

@tenajsystems I believe you just concatenate the inters with the certificate in the same file.

The files on disk are in $ZEUSHOME/zxtm/conf/ssl/server_keys/ named <certname>.public and <certname>.private

There is also an entry for them in /usr/local/zeus/zxtm/conf/ssl/server_keys_config. Eg:

Example-Cert!public	%zeushome%/zxtm/conf/ssl/server_keys/Example-Cert.public
Example-Cert!private	%zeushome%/zxtm/conf/ssl/server_keys/Example-Cert.private
Example-Cert!request	%zeushome%/zxtm/conf/ssl/server_keys/Example-Cert.request
Example-Cert!createdvia	software
Example-Cert!protection	software
Example-Cert!managed	yes
Example-Cert!note

Editing these files manually is not a supported mechanism for making changes though, so be careful!!

Any changes you do make will need to be replicated through the cluster by executing $ZEUSHOME/zxtm/bin/replicate_config

@tenajsystems
Copy link
Author

@TuxInvader, isn't that only applicable to the ssl certs that gets uploaded in to the Catalog (Catalog > SSL > SSl Server Certificates catalog)?

I am referring to System > Security > SSL Certificate? which is for the Admin Server url

@TuxInvader
Copy link
Owner

@tenajsystems Those keys are in the admin directory: $ZEUSHOM/admin/etc/

@tenajsystems
Copy link
Author

@TuxInvader, is there a way to also upload Intermediate Certificate with the ssl certs that you upload using this class brocadevtm::ssl_server_keys?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TuxInvader @tenajsystems