PEM-Based Key Management
The PEM Key Store and PEM Trust Store patterns support the upload of key material in PEM format into nevisAdmin 4.
The key material can either be inserted into a text field or uploaded as PEM files. In both cases, you can use variables to store the content in the inventory instead.
The keys are automatically converted into JKS and PKCS12. Up to and including nevisAdmin 4.8, these files are regenerated on each deployment, so every deployment reports them as changed.
The key material is deployed using the same folder structure as the one used for automatic key management.
Pros:
- Complete deployment of a keystore/truststore.
- Use the same content on multiple hosts.
Cons:
- JKS and P12 files are created during generation. As these files contain timestamps, they change on each deployment.
- As nevisAdmin 4 is the master of the entire keystore content, the private key will be deployed as well.
Consider using this pattern when you need a simple solution for the complete deployment of a keystore/truststore and do not mind the limitations.
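Because the pasted or uploaded PEM content is deployed as-is, private key included, it is worth checking what a PEM text actually contains before it goes into a pattern field or an inventory variable. The following is an added example, not part of nevisAdmin 4 or its documentation. The function names and the rules it applies (a trust store holds certificates only, a key store needs a private key and a certificate) are assumptions of this example, not the product's own validation.

```python
import base64
import re

# RFC 7468 textual encoding: BEGIN/END lines with matching labels around base64.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.DOTALL)
PRIVATE_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
                  "ENCRYPTED PRIVATE KEY"}


def pem_labels(text):
    """Return the label of every well-formed PEM block, in order."""
    labels = []
    for label, body in PEM_BLOCK.findall(text):
        # Legacy encrypted keys carry "Proc-Type:"/"DEK-Info:" headers; skip them.
        payload = "".join(l.strip() for l in body.splitlines() if ":" not in l)
        base64.b64decode(payload, validate=True)  # raises binascii.Error if corrupt
        labels.append(label)
    return labels


def check_upload(text, kind):
    """kind is 'keystore' or 'truststore'; returns findings (empty list = OK)."""
    labels = pem_labels(text)
    keys = [l for l in labels if l in PRIVATE_LABELS]
    certs = [l for l in labels if l == "CERTIFICATE"]
    findings = []
    if not labels:
        findings.append("no PEM blocks found")
    if kind == "truststore" and keys:
        findings.append("private key present in trust store content")
    if kind == "keystore" and not keys:
        findings.append("no private key in key store content")
    if kind == "keystore" and not certs:
        findings.append("no certificate to go with the private key")
    return findings


def sample_block(label, raw):
    # Constructed sample data: the payload is placeholder bytes, not real key material.
    b64 = base64.encodebytes(raw).decode().strip()
    return f"-----BEGIN {label}-----\n{b64}\n-----END {label}-----\n"


CERT = sample_block("CERTIFICATE", b"constructed certificate bytes " * 4)
KEY = sample_block("PRIVATE KEY", b"constructed key bytes " * 4)
```

The check only inspects PEM framing and labels; it does not parse the DER content or verify that the key matches the certificate.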