On Wed, Nov 10, 2010 at 6:26 PM, Richard Crowley <r...@rcrowley.org> wrote:
> > got the point, thought that you need one specific key on each server. So > > that should be even simpler, use file with content and put the key in the > > content field: > > > > $myKey = "-----BEGIN RSA PRIVATE > > > KEY-----\nMIICXgIBAAKBgQDTqkVS4/iwKx8LngXQrEShlfSRtcSyOB1IjC5AIGUAJvapq9lz\n..." > > > > file { > > "/path/to/keyFile": > > content => $myKey; > > } > > > > Put this into your Webserver class and assign the class only to the > > Webservers. > > This works perfectly for PEM-formatted keys because they're ASCII, > which is a subset of UTF-8. Binary keys are not (usually) valid UTF-8 > and thus can't be crammed into a catalog without some encoding. > > Indeed. I made a mistake in my original post; it's not the key files for apache (which are PEM-formatted ASCII) , but rather those in Java's JKS keystore format, that cause problems for me. I could probably create a workaround by transferring the keys as .PEM format and then converting to JKS on the client, but it would be a pretty fiddly solution compared to the option of a binary-safe file() function. > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.