Adding support for sslhostconfig options

Author: malikparvez

README.md

@@ -125,6 +125,10 @@ tomcat::instance { 'my_tomcat_app':
     port                  => $https_port,
     protocol              => $http_version,
     purge_connectors      => true,
+    cert_key_file         => '/path/to/key.pem',
+    cert_file             => '/path/to/cert.pem',
+    cert_chain_file       => '/path/to/chain.pem',
+    cert_type             => 'RSA',
     additional_attributes => {
       'SSLEnabled'          => bool2str($https_enabled),
       'maxThreads'          => $https_connector_max_threads,

manifests/config/server/connector.pp

@@ -22,6 +22,14 @@
 #   Specifies a server.xml file to manage. Valid options: a string containing an absolute path.
 # @param show_diff
 #   Specifies display differences when augeas changes files, defaulting to true. Valid options: true or false.
+# @param cert_key_file
+#   Specifies the path to the private key file. Valid options: a string containing an absolute path.
+# @param cert_file
+#   Specifies the path to the certificate file. Valid options: a string containing an absolute path.
+# @param cert_chain_file
+#   Specifies the path to the certificate chain file. Valid options: a string containing an absolute path.
+# @param cert_type
+#   Specifies the type of certificate. Valid options: a string. 'RSA'.
 #
 define tomcat::config::server::connector (
   Optional[Stdlib::Absolutepath]             $catalina_base         = undef,
@@ -34,6 +42,10 @@
   Optional[Boolean]                          $purge_connectors      = undef,
   Optional[Stdlib::Absolutepath]             $server_config         = undef,
   Boolean                                    $show_diff             = true,
+  Optional[Stdlib::Absolutepath]             $cert_key_file         = undef,
+  Optional[Stdlib::Absolutepath]             $cert_file             = undef,
+  Optional[Stdlib::Absolutepath]             $cert_chain_file       = undef,
+  String[1]                                  $cert_type             = 'RSA',
 ) {
   include tomcat
   $_catalina_base = pick($catalina_base, $tomcat::catalina_home)
@@ -85,6 +97,21 @@
     } else {
       $_additional_attributes = undef
     }
+
+    # Add SSLHostConfig if certificate parameters are provided
+    if $cert_key_file and $cert_file and $cert_chain_file {
+      $sslhostconfig_path = "Server/Service/Connector[#attribute/port='${port}']"
+
+      $_sslhostconfig_changes = [
+        "set ${sslhostconfig_path}/Certificate/#attribute/certificateKeyFile ${cert_key_file}",
+        "set ${sslhostconfig_path}/Certificate/#attribute/certificateFile ${cert_file}",
+        "set ${sslhostconfig_path}/Certificate/#attribute/certificateChainFile ${cert_chain_file}",
+        "set ${sslhostconfig_path}/Certificate/#attribute/type ${cert_type}",
+      ]
+    } else {
+      $_sslhostconfig_changes = undef
+    }
+
     if ! empty(any2array($attributes_to_remove)) {
       $_attributes_to_remove = prefix(any2array($attributes_to_remove), "rm ${base_path}/#attribute/")
     } else {
@@ -97,6 +124,7 @@
           $_protocol_change,
           $_additional_attributes,
           $_attributes_to_remove,
+          $_sslhostconfig_changes,
     ]))
   }