Generate Key-Pairs and Certificates via Puppet
|Blocking:||#6, #3305||Platform:||Unknown / Cross platform|
Various upcoming projects of ours depend on server-to-server communication that requires encryption. The software chosen in any case (i.e. Bacula for #6, Fluentd for #3305) supports TLS encryption, which in turn requires pre-shared keys and certificates.
Therefore we need to integrate proper key- and certificate-management in Puppet. In order to avoid manual generation of these entities, the files should be generated on-demand by the Puppet master, and be accessible on a per-host-record basis.