puppet-ca-bundle

CA cert bundle of trusted root certificates for Puppet Products

OTHER License

Stars
3
Committers
11
View Code on GitHub
Ecosystems: Puppet

Puppet is now shipping a CA cert bundle!

The "canonical", up-to-date Cert Authority bundle currently provides many root certificates. We grab the Mozilla 'certdata.txt', use the 'certdata2pem.py' script from Red Hat to split that into PEM files, and remove anything that is untrusted (i.e. with anything in the distrust= field), or doesn't explicitly list serverAuth in the openssl-trust field. The result lines up with the linked curl bundle above.

Build Instructions

  • Run make refresh-certs to download new certs, clean out those we do not want, and format them for this repo
  • Run make prepare to create the cert bundle and keystore that will be installed in puppet-runtime builds

Install Instructions

  • Run make install to copy the already prepared PEM and JKS cert bundles and set permissions on the installed files.
  • On FIPS hosts, run make install-fips instead.

Release

  • Tag the puppet-ca-bundle project with the next version number
  • Update the configs/components/puppet-ca-bundle.json file in puppet-runtime with the new version
  • An automatic tagging job will tag puppet-runtime and kickoff build pipelines
Related Projects
puppet-openssl

Puppet OpenSSL module

12 Mar 2010 39
puppet-puppetboard

Puppet module to install and manage puppetboard

11 Aug 2013 53
ace

your one stop shop to manage remote resources

31 Oct 2018 2
packaging

Packaging automation for Puppet software

27 Jul 2012 37
puppetserver-ca-cli

A simple Ruby CLI tool to interact with the Puppet Server's included Certificate Authority

29 May 2018 3
puppet-gitlab_ci_runner

Module to mange gitlab CI runners. Extracted from https://github.com/voxpupuli/puppet-gitlab

08 Jul 2018 13
puppet-add-cli-auth-to-certificate

Update a Puppet certificate to make it suitable for CLI authentication

26 Sep 2018 11
puppet-puppet_certificate

Puppet type & provider to ensure Puppet certificates

11 Mar 2013 6
puppetlabs-sslcertificate

Puppet module to manage SSL Certificates on WIndows Server 2008 and upwards

08 Jul 2013 20
install-puppet

Shell script that downloads and installs puppet-agent

30 Jul 2021 3
puppet4-sandbox

Vagrant environment to quickly get started with Puppet 4, puppetserver 2, puppetdb and MCollective.

17 Apr 2015 9
puppetlabs-release

Repo that builds packages to add our apt and yum repositories and public signing key.

03 Jul 2012 7
puppet-agent-exporter

Prometheus exporter for Puppet Agent status

21 Apr 2021 8
puppetlabs-node_encrypt

Encrypt secrets inside Puppet catalogs and reports

13 Dec 2015 27
puppet-agent

All of the directions for building a puppet agent package.

17 Nov 2014 47