Skip to content

voxpupuli/puppet-fetchcrl

FetchCRL module for Puppet

CI Code Coverage Puppet Forge Puppet Forge - downloads Puppet Forge - endorsement Puppet Forge - scores

This is the fetchcrl Puppet module. It configures fetch-crl version 3 wherever it can.

Fetchcrl utility will retrieve certificate revocation lists (CRLs) for a set of installed trust anchors, based on crl_url files or IGTF-style info files.

This module obsoletes CernOps-fetchcrl-1.1.0

Examples

class { 'fetchcrl':
  http_proxy            => 'http:://squid.example.org:8000',
  carepo                => 'http://yum.example.org/yumrepo',
  cache_control_request => '3600',
}

fetchcrl::ca { 'EDG-Tutorial-CA':
 agingtolerance => 168,
 comment        => 'Increased as unreliable',
}

Facts

Two custom facts are included.

  • certissuer returns the issuer of a grid certificate located at /etc/grid-security/hostcert.pem if it exists.

  • trustedca returns an array of all the certificate authoriry subjects located at /etc/grid-security/*.pem

Refernce

See REFERENCE.md for more details

License

Apache-2.0

Copyright

Steve Traylen, steve.traylen@cern.ch, CERN, 2016.

Contact

Steve Traylen steve.traylen@cern.ch

Support

Please log tickets and issues at http://github.com/voxpupuli/puppet-fetchcrl