NAME

       cdist-type__snakeoil_cert - Generate self-signed certificate

DESCRIPTION

       The  purpose  of  this  type  is  to  generate self-signed certificate and private key for
       testing purposes. Certificate will expire in 3650 days.

       Certificate's and key's access bits will be 644 and 640 respectively.   If  target  system
       has    ssl-cert    group,    then    it    will    be    used   as   key's   group.    Use
       require='__snakeoil_cert/...' __file ... to override.

OPTIONAL PARAMETERS

       common-name
              Defaults to $__object_id.

       key-path
              %s   in   path   will    be    replaced    with    $__object_id.     Defaults    to
              /etc/ssl/private/%s.pem.

       key-type
              Possible  values  are  rsa:$bits  and  ec:$name.  For possible EC names see openssl
              ecparam -list_curves.  Defaults to rsa:2048.

       cert-path
              %s in path will be replaced with $__object_id.  Defaults to /etc/ssl/certs/%s.pem.

EXAMPLES

          __snakeoil_cert localhost-rsa \
              --common-name localhost \
              --key-type rsa:4096

          __snakeoil_cert localhost-ec \
              --common-name localhost \
              --key-type ec:prime256v1

AUTHORS

       Ander Punnar <ander-at-kvlt-dot-ee>

COPYING

       Copyright (C) 2021 Ander Punnar. You can redistribute it and/or modify it under the  terms
       of  the  GNU  General  Public License as published by the Free Software Foundation, either
       version 3 of the License, or (at your option) any later version.

COPYRIGHT

       ungleich GmbH 2021