define ssl::cert( $ensure = present, $owner = 'root', $group = 'root', $pubmode = '644', $privmode = '600', $base = '/etc/ssl', $private = true, $main = false, $verify = true, ) { file { "${base}/certs/${name}.crt": ensure => $ensure, owner => $owner, group => $group, mode => $pubmode, source => "puppet:///ssl/${name}.crt", require => File["${base}/certs"], } if ($private == true) { file { "${base}/private/$name.pem": ensure => $ensure, owner => $owner, group => $group, mode => $privmode, backup => false, # Do not backup the private key source => "puppet:///ssl/${name}.pem", require => File["${base}/private"], } } if ($main == true) { file { "${base}/certs/cert.crt": ensure => "${base}/certs/${name}.crt", } file { "${base}/private/cert.pem": ensure => "${base}/private/${name}.pem", } } if ($verify == true) { ssl::check { "${name}": file => true, } } }