1:
In case of trust_salt_ca usage, the salt.minion.cert state
generates broken certs body due to a space replacing:

-----BEGINCERTIFICATE-----
  MIIFzzCCA7egAwIBAgIITiyuuFgl1S4wDQYJKoZIhvcNAQELBQAwSjELMAkGA1UE
  BhMCY3oxFzAVBgNVBAMMDlNhbHQgT
  ....

To fix it the "x509.pem_managed" is used.

2:
If a symlink to CA cert is already exists, then the state is failing.
The force=True (replace) is used now to avoid the issue.

Change-Id: I4a2bd7c882e179560657a3dc7edf18c7e5835492

Change-Id: I73a4a14734651f6483fae169a2290e9c5b377d76

Change-Id: I7b4dc2001e07b047964f4ebbbbe0b23db7819566

Change-Id: Ie1f1397817b47f299107e4f44dfb4c5ffe1c010c

Change-Id: I6f1292779858c45f9cf6f4caf3657ee000b2cf06

Change-Id: I1e1269268a81d8cd01b5fe9328f63e8bf85e941b

We can have this failing because of bad mine data:
salt['mine.get'](cert.host, 'x509.get_pem_entries')

Without this change, dependency between salt_minion_cert_*_all and
ca_file is just ignored and salt_minion_cert_*_all state fails because
it can't find appropriate file.

Change-Id: I2a5dd12e08159bf110ff0d9879ebf0ad5d9d97c1

Change-Id: I2aba1213b1dda46aee929b8ea583c41316e3eb0b

It was failing with:
	Rendering SLS 'base:salt.minion.cert' failed: Conflicting ID 'salt_ca_certificates_packages'

ca-certificates installation should be probably moved out of the loop in
the future.

Change-Id: I26aeae62cc1c1d407d36d1d6bf101db073d9e601

Change-Id: I89cec95e87db52fd59a84d57c485d8c938711ef3

Unfortunately this is not idempotent, however we surely want to sync
everything when salt.minion state is executed.

Change-Id: I0faaf606b57dbd7d009156abfe50d2e5f350190e

Change-Id: I1eaa9cf7a7f861cc5de604e03fba8a74436d99ad

This error occures when multiple certs signed by same CA are requested
on minion.

Change-Id: I6b20ab4e1795298c94f55fdc61af99f933d8491c

First run is made during salt-master cloud-init and thus it is onchanges
is not suitable here because ca.crt file is already generated.

It was responsible for

    [CRITICAL] Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'
    [ERROR   ] Data passed to highstate outputter is not a valid highstate return: {'local': ["Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'"]}

- allow defining custom key/cert path
- ensure key/cert directories
- set key/cert permissions by metadata

source:engine metadata created - defaults to pkg
installation, pip installation alternative added