use private key when creating x509 cert

voxpupuli · Oct 23, 2023 · 4147c5e · 4147c5e
1 parent 1b41c6e
commit 4147c5e
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 10 deletions.
diff --git a/lib/puppet/provider/x509_cert/openssl.rb b/lib/puppet/provider/x509_cert/openssl.rb
@@ -74,7 +74,8 @@ def create
         '-days', resource[:days],
         '-in', resource[:csr],
         '-out', resource[:path],
-        '-extfile', resource[:template]
+        '-extfile', resource[:template],
+        '-key', resource[:private_key]
       ]
       if resource[:ca]
         options << ['-CAcreateserial']

diff --git a/manifests/certificate/x509.pp b/manifests/certificate/x509.pp
@@ -193,15 +193,16 @@
     encrypted   => $encrypted,
   }
   ~> x509_cert { $_crt:
-    ensure   => $ensure,
-    template => $_cnf,
-    csr      => $_csr,
-    days     => $days,
-    password => $password,
-    req_ext  => $req_ext,
-    force    => $force,
-    ca       => $ca,
-    cakey    => $cakey,
+    ensure      => $ensure,
+    template    => $_cnf,
+    csr         => $_csr,
+    private_key => $_key,
+    days        => $days,
+    password    => $password,
+    req_ext     => $req_ext,
+    force       => $force,
+    ca          => $ca,
+    cakey       => $cakey,
   }
 
   # Set owner of all files