Merge remote-tracking branch 'origin/master' into jenkins-build-49

2026-03-15 15:55:35 +01:00
3 changed files with 28 additions and 5 deletions
--- a/doc/puppet_classes/confdroid_nrpe_3A_3Aparams.html
+++ b/doc/puppet_classes/confdroid_nrpe_3A_3Aparams.html
@@ -403,6 +403,24 @@ inherited by all classes except defines.
      
    </li>
  
+    <li>
+      
+        <span class='name'>ne_ssl_cacert_file</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>path and name of the ssl certificate authority (ca) file / chain. must be full path.</p>
+</div>
+      
+    </li>
+  
    <li>
      
        <span class='name'>ne_ssl_client_certs</span>
@@ -799,8 +817,6 @@ inherited by all classes except defines.
        <pre class="lines">


-87
-88
 89
 90
 91
@@ -892,10 +908,13 @@ inherited by all classes except defines.
 177
 178
 179
-180</pre>
+180
+181
+182
+183</pre>
      </td>
      <td>
-        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 87</span>
+        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 89</span>

 class confdroid_nrpe::params (

@@ -930,6 +949,7 @@ class confdroid_nrpe::params (
  String $ne_ssl_version                  = &#39;TLSv2+&#39;,
  String $ne_ssl_use_adh                  = &#39;1&#39;,
  String $ne_ssl_cipher_list              = &#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;,
+  String $ne_ssl_cacert_file              = &#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;,
  String $ne_ssl_client_certs             = &#39;2&#39;,
  String $ne_ssl_logging                  = &#39;0x00&#39;,
  Array $ne_nasty_metachars               = [&quot;|`&amp;&gt;&lt;&#39;\\[]{};\r\n&quot;],
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -38,6 +38,8 @@
 # @param [String] ne_ssl_cipher_list ciphers can be used. For backward
 #   compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
 #   this version but will be changed in a later version of NRPE.
+# @param [String] ne_ssl_cacert_file path and name of the ssl certificate
+#   authority  (ca) file / chain. must be full path.
 # @param [String] ne_ssl_client_certs determines client certificate usage.
 #   Values: 0 = Don't ask for or require client certificates
 #   1 = Ask for client certificates
@@ -117,6 +119,7 @@ class confdroid_nrpe::params (
  String $ne_ssl_version                  = 'TLSv2+',
  String $ne_ssl_use_adh                  = '1',
  String $ne_ssl_cipher_list              = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
+  String $ne_ssl_cacert_file              = '/etc/pki/tls/certs/ca-chain.crt.pem',
  String $ne_ssl_client_certs             = '2',
  String $ne_ssl_logging                  = '0x00',
  Array $ne_nasty_metachars               = ["|`&><'\\[]{};\r\n"],
--- a/templates/nrpe_cfg.erb
+++ b/templates/nrpe_cfg.erb
@@ -37,7 +37,7 @@ allow_weak_random_seed=<%= @ne_allow_weak_rnd_seed %>
 ssl_version=<%= @ne_ssl_version %>
 ssl_use_adh=<%= @ne_ssl_use_adh %>
 ssl_cipher_list=<%= @ne_ssl_cipher_list %>
-ssl_cacert_file=<%= @ne_ssl_ca_cert_file %>
+ssl_cacert_file=<%= @ne_ssl_cacert_file %>
 ssl_cert_file=<%= @ne_ssl_cert_file %>
 ssl_privatekey_file=<%= @ne_ssl_privatekey_file %>
 ssl_client_certs=<%= @ne_ssl_client_certs %>