added site_config::x509::client_ca::cert and site_config::x509::client_ca::key for client_ca deployment (#3917)

2 files changed, 18 insertions, 4 deletions

diff --git a/puppet/modules/site_config/manifests/x509/client_ca.pp b/puppet/modules/site_config/manifests/x509/client_ca/ca.pp
index 3e914cf5..0f313898 100644
--- a/puppet/modules/site_config/manifests/x509/client_ca.pp
+++ b/puppet/modules/site_config/manifests/x509/client_ca/ca.pp
@@ -1,14 +1,14 @@
-class site_config::x509::client_ca {
+class site_config::x509::client_ca::ca {
 
   ##
   ## This is for the special CA that is used exclusively for generating
   ## client certificates by the webapp.
   ##
 
-  $x509      = hiera('x509')
-  $client_ca = $x509['client_ca_cert']
+  $x509 = hiera('x509')
+  $cert = $x509['client_ca_cert']
 
   x509::ca { $site_config::params::client_ca_name:
-    content => $client_ca
+    content => $cert
   }
 }
diff --git a/puppet/modules/site_config/manifests/x509/client_ca/key.pp b/puppet/modules/site_config/manifests/x509/client_ca/key.pp
new file mode 100644
index 00000000..f9ef3f52
--- /dev/null
+++ b/puppet/modules/site_config/manifests/x509/client_ca/key.pp
@@ -0,0 +1,14 @@
+class site_config::x509::client_ca::key {
+
+  ##
+  ## This is for the special CA that is used exclusively for generating
+  ## client certificates by the webapp.
+  ##
+
+  $x509 = hiera('x509')
+  $key  = $x509['client_ca_key']
+
+  x509::key { $site_config::params::client_ca_name:
+    content => $key
+  }
+}