Leaf

The following parameters are available for creating certificate_leaf resources, when a new resource is created jumppad will create the certificate and associated private key and write them to the output folder. Certificates do not perisist the lifecycle of a blueprint, when a blueprint is destroyed the created certs and keys are removed from the output folder.

To create a leaf certificate jumppad needs a valid CA certificate and private key, these can be generated using the certificate_ca resource or can be an existing x509 certificate and associated RSA private key.

Leaf Certificates have a pre-set Common Name corresponding to the name of the resource.

Examples

resource "certificate_ca" "cd_consul_ca" {
  output = data("certs")
}

resource "certificate_leaf" "cd_consul_server" {
  ca_key = resource.certificate_ca.cd_consul_ca.key_path
  ca_cert = resource.certificate_ca.cd_consul_ca.cert_path

  ip_addresses = ["127.0.0.1"]

  dns_names = [
    "localhost",
    "server.${var.cd_consul_dc}.consul",
    "1.consul.server.container.local.jmpd.in",
    "2.consul.server.container.local.jmpd.in",
    "3.consul.server.container.local.jmpd.in"
  ]

  output = data("certs")
}