ed8eeba8d3
In cases when internal and external haproxy frontends should use different, pre-generated certificates, it's not possible to define them with haproxy_user_ssl_cert because it accepts only one certificate. In this case, certificates can be placed manually in pki/ directory. Unfortunately, with current logic, certificates creation with PKI role is disabled only when haproxy_user_ssl_cert is defined. Possibility of explicitly disabling certificates generation will be really useful. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/915320/ Change-Id: I4eed4d797160b885d5b7187e6106e6ee0073722f
7 lines
210 B
YAML
7 lines
210 B
YAML
---
|
|
features:
|
|
- |
|
|
``haproxy_pki_create_certificates`` was implemented. It allows users to
|
|
explicitly disable certificates generation with PKI role but keep using
|
|
it for certificates distribution.
|