salt.states.keystore#
State management of a java keystore
- salt.states.keystore.managed(name, passphrase, entries, force_remove=False)#
Create or manage a java keystore.
- Parameters:
name -- The path to the keystore file
passphrase -- The password to the keystore
entries --
A list containing an alias, certificate, and optional private_key. The certificate and private_key can be a file or a string
- entries: - alias: hostname2 certificate: /path/to/cert.crt private_key: /path/to/key.key - alias: stringhost certificate: | -----BEGIN CERTIFICATE----- MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG 2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0 -----END CERTIFICATE-----
force_remove --
If True will cause the state to remove any entries found in the keystore which are not defined in the state. The default is False. Example:
define_keystore: keystore.managed: - name: /path/to/keystore - passphrase: changeit - force_remove: True - entries: - alias: hostname1 certificate: /path/to/cert.crt - alias: remotehost certificate: /path/to/cert2.crt private_key: /path/to/key2.key - alias: pillarhost certificate: {{ salt.pillar.get('path:to:cert') }}