|
id: import_and_load_root_ca
|
|
name: Import and load Root CA
|
|
version: '1.0'
|
|
description: Import and load Root CA
|
|
category: ncf_techniques
|
|
params:
|
|
- id: f589320e-f1b6-4dc6-93d6-546f0641b519
|
|
name: certificate
|
|
description: certificate
|
|
documentation: ''
|
|
constraints:
|
|
allow_empty: false
|
|
- id: 272a63bc-af0f-47fc-9725-4914b1222d44
|
|
name: filename
|
|
description: filename
|
|
constraints:
|
|
allow_empty: false
|
|
items:
|
|
- id: ec33b01e-3a5a-4f49-be90-f83a2f4c4cdd
|
|
name: Install Root CA for debian family
|
|
reporting:
|
|
mode: weighted
|
|
condition: debian
|
|
items:
|
|
- id: e70d24dc-ef27-497c-b335-504c64591651
|
|
name: install ca-certificates
|
|
method: package_present
|
|
params:
|
|
name: ca-certificates
|
|
version: ''
|
|
architecture: ''
|
|
provider: ''
|
|
- id: 0535b094-65dc-48d7-99c6-c9c7c8e62923
|
|
name: install ca certificate
|
|
method: file_content
|
|
params:
|
|
path: /usr/local/share/ca-certificates/${filename}
|
|
lines: ${certificate}
|
|
enforce: 'true'
|
|
- id: 5ef3abbb-3508-4e54-b5d2-733701679b05
|
|
name: Load ca_cert
|
|
reporting:
|
|
mode: disabled
|
|
method: command_execution
|
|
params:
|
|
command: update-ca-certificates
|
|
- id: 95560395-bb6a-45ed-bf3c-972c8f623c9d
|
|
name: Install Root CA for redhat family
|
|
reporting:
|
|
mode: weighted
|
|
condition: redhat
|
|
items:
|
|
- id: c5bd1f5e-258a-4a06-9520-bd7cf8f4bf9b
|
|
name: install ca-certificates
|
|
method: package_present
|
|
params:
|
|
name: ca-certificates
|
|
version: ''
|
|
architecture: ''
|
|
provider: ''
|
|
- id: c90c0864-5dff-4037-bba1-674ed156e745
|
|
name: Ensure /etc/pki/ca-trust/source/whitelist/ is present
|
|
method: directory_present
|
|
params:
|
|
path: /etc/pki/ca-trust/source/whitelist/
|
|
- id: b2e3eacb-4eea-4c2b-9167-8c35261f5ed8
|
|
name: install ca certificate
|
|
method: file_content
|
|
params:
|
|
path: /etc/pki/ca-trust/source/whitelist/${filename}
|
|
lines: ${certificate}
|
|
enforce: 'true'
|
|
- id: a2f4250b-3e35-4bf8-b208-c30848ff4923
|
|
name: Load ca_cert
|
|
reporting:
|
|
mode: disabled
|
|
method: command_execution
|
|
params:
|
|
command: update-ca-trust
|