Add all TLS certificates to trusted chain

Add internal and admin certificates to chain if use_ssl hash used Change-Id: I8a713d00dbdadbe178a16fa7d19b59a559ef0c6f Closes-Bug: #1528622
2015-12-22 18:52:55 +03:00 · 2015-12-22 18:52:55 +03:00 · 65d1aa9911
commit 65d1aa9911
parent db7a3a7e39
1 changed files with 12 additions and 0 deletions
--- a/deployment/puppet/osnailyfacter/modular/ssl/ssl_add_trust_chain.pp
+++ b/deployment/puppet/osnailyfacter/modular/ssl/ssl_add_trust_chain.pp
@ -18,6 +18,18 @@ define file_link {
      source => "/etc/pki/tls/certs/public_${service}.pem",
    }
  }
+
+  if !empty(file("/etc/pki/tls/certs/internal_${service}.pem",'/dev/null')) {
+    file { "/usr/local/share/ca-certificates/${service}_internal_haproxy.crt":
+      source => "/etc/pki/tls/certs/internal_${service}.pem",
+    }
+  }
+
+  if !empty(file("/etc/pki/tls/certs/admin_${service}.pem",'/dev/null')) {
+    file { "/usr/local/share/ca-certificates/${service}_admin_haproxy.crt":
+      source => "/etc/pki/tls/certs/admin_${service}.pem",
+    }
+  }
 }

 if !empty($ssl_hash) {