Adding key_size option on the certmonger_certificate creation (#27)

certmonger_certificate function currently does not support creating certificates having private keys stronger than 2048bits. Adding a key_size option, on certmoonget side it's known using the -g option, to be able to create certificates with stronger keys using puppet_certmonger.
saltedsignal · Oct 20, 2020 · 1de5f27 · 1de5f27
1 parent a198870
commit 1de5f27
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/lib/puppet/provider/certmonger_certificate/certmonger_certificate.rb b/lib/puppet/provider/certmonger_certificate/certmonger_certificate.rb
@@ -89,6 +89,8 @@ def self.parse_cert_list(list_output)
           current_cert[:postsave_cmd] = line.match(
             %r{post-save command: (.*)}
           )[1]
+        when %r{^\s+key_size: .*}
+          current_cert[:key_size] = line.match(%r{key_size: (.*)})[1]
         end
       end
     end
@@ -195,6 +197,10 @@ def get_base_args(resource)
       request_args << '-C'
       request_args << "#{resource[:postsave_cmd]}"
     end
+    if resource[:key_size]
+      request_args << '-g'
+      request_args << "#{resource[:key_size]}"
+    end
 
     request_args << '-w' if resource[:wait]
     request_args