Fleet Module - SSL additions

2026-02-23 15:35:28 +01:00 · 2018-12-05 15:54:43 -05:00
parent b22b10926d
commit 53f7fcd07c
3 changed files with 51 additions and 0 deletions
--- a/salt/ssl/init.sls
+++ b/salt/ssl/init.sls
@@ -92,6 +92,20 @@ fbcrtlink:
        bits: 4096
        backup: True

+# Create a cert for OSQuery
+/etc/pki/fleet.crt:
+  x509.certificate_managed:
+    - ca_server: {{ master }}
+    - signing_policy: fleet
+    - public_key: /etc/pki/fleet.key
+    - CN: {{ master }}
+    - days_remaining: 3000
+    - backup: True
+    - managed_private_key:
+        name: /etc/pki/fleet.key
+        bits: 4096
+        backup: True
+
 {% endif %}
 {% if grains['role'] == 'so-SENSOR' or grains['role'] == 'so-eval' %}