Changed ssl::certificate parameters

Use $name for output file name to allow multiple defines with the same CN.

ssl/manifests/init.pp

@@ -13,31 +13,39 @@ class ssl::openssl {
 #
 # === Parameters:
 #
-#   $key:
+#   $name:
-#       Key output file.
-#   $crt:
 #       Certificate output file.
+#   $cn:
+#       Common name.
+#   $keyout:
+#       Key output file. Defaults to ${name}.
 #   $days:
 #       Validity in days, defaults to 3650.
 #   $keysize:
 #       RSA key size, defaults to 2048.
 #   $subject:
-#       Subject, defaults to "/CN=${name}".
+#       Extra subject information.
 #
-define ssl::certificate($key, $crt, $days="3650", $keysize="2048", $subject="") {
+define ssl::certificate($cn, $keyout="", $days="3650", $keysize="2048", $subject="") {
 
     include ssl::openssl
 
-    if $subject {
+    if $keyout {
-        $subject_real = $subject
+        $keyout_real = $keyout
     } else {
-        $subject_real = "/CN=${name}"
+        $keyout_real = $name
+    }
+
+    if $subject {
+        $subject_real = "/CN=${cn}/${subject}"
+    } else {
+        $subject_real = "/CN=${cn}"
     }
 
     exec { "openssl-req-${name}":
         path    => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
-        command => "/bin/sh -c 'umask 077 ; openssl req -x509 -nodes -days ${days} -newkey rsa:${keysize} -subj \"${subject_real}\" -keyout ${key} -out ${crt}'",
+        command => "/bin/sh -c 'umask 077 ; openssl req -x509 -nodes -days ${days} -newkey rsa:${keysize} -subj \"${subject_real}\" -keyout ${keyout_real} -out ${name}'",
-        creates => [ "${key}", "${crt}" ],
+        creates => [ "${name}", "${keyout_real}" ],
     }
 
 }