Puppet Class: secure_windows::stig::v73609

Defined in:
manifests/stig/v73609.pp

Overview

This class manages v73609

Parameters:

  • enforced (Boolean) (defaults to: false)
  • is_dod (Optional[Boolean])
  • classification (Optional[String]) 


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'manifests/stig/v73609.pp', line 2

class secure_windows::stig::v73609 (
  Boolean $enforced = false,
  Optional[Boolean] $is_dod,
  Optional[String] $classification,
) {

  if $enforced {
    if $is_dod {
      case $classification {
        'unclassified', undef: {
          file { 'c:/windows/temp/DoD_CCEB_IRCA1-to-DoD_Root_CA_2.p7b':
            ensure => 'file',
            mode   => '0660',
            group  => 'BUILTIN\\Administrators',
            source => 'puppet:///modules/secure_windows/STIG/v73609/DoD_CCEB_IRCA1-to-DoD_Root_CA_2.p7b',
            before => Sslcertificate['Install-Certificate-DoD-CCEB-IRCA1'],
          }
          sslcertificate { 'Install-Certificate-DoD-CCEB-IRCA1':
            name       => 'DoD_CCEB_IRCA1-to-DoD_Root_CA_2.p7b',
            location   => 'c:/windows/temp',
            # NOTE: 'disallowed' means 'Untrusted Certificates'
            store_dir  => 'disallowed',
            root_store => 'LocalMachine',
            thumbprint => 'DA36FAF56B2F6FBA1604F5BE46D864C9FA013BA3',
          }
        }
        'secret', 'ts', 'sci': {}
        default:               { notice("Unknown classification ${classification} defined.") }
      }
    }
  }

}