+ if (lookup("ssl::try_letsencrypt_for_real_hostname") |$key| { true }) {
+ letsencrypt::certonly { $real_hostname:
+ before => Apache::Vhost["default_ssl"];
+ default: * => $::profile::apache::letsencrypt_certonly_default;
+ }
+ $ssl_cert = "/etc/letsencrypt/live/$real_hostname/cert.pem"
+ $ssl_key = "/etc/letsencrypt/live/$real_hostname/privkey.pem"
+ $ssl_chain = "/etc/letsencrypt/live/$real_hostname/chain.pem"
+ } else {
+ ssl::self_signed_certificate { $real_hostname:
+ common_name => $real_hostname,
+ country => "FR",
+ days => "3650",
+ organization => "Immae",
+ directory => "/etc/httpd/conf/ssl",
+ before => Apache::Vhost["default_ssl"],
+ }
+
+ $ssl_key = "/etc/httpd/conf/ssl/$real_hostname.key"
+ $ssl_cert = "/etc/httpd/conf/ssl/$real_hostname.crt"
+ $ssl_chain = undef
+ }
+