State management of a java keystore
salt.states.keystore.
managed
(name, passphrase, entries, force_remove=False)¶Create or manage a java keystore.
The path to the keystore file
The password to the keystore
A list containing an alias, certificate, and optional private_key. The certificate and private_key can be a file or a string
- entries:
- alias: hostname2
certificate: /path/to/cert.crt
private_key: /path/to/key.key
- alias: stringhost
certificate: |
-----BEGIN CERTIFICATE-----
MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG
...
2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0
-----END CERTIFICATE-----
If True will cause the state to remove any entries found in the keystore which are not defined in the state. The default is False.
Example
define_keystore:
keystore.managed:
- name: /path/to/keystore
- passphrase: changeit
- force_remove: True
- entries:
- alias: hostname1
certificate: /path/to/cert.crt
- alias: remotehost
certificate: /path/to/cert2.crt
private_key: /path/to/key2.key
- alias: pillarhost
certificate: {{ salt.pillar.get('path:to:cert') }}