tripleo-heat-templates/environments/enable-internal-tls.yaml

# A Heat environment file which can be used to enable a
# a TLS for in the internal network via certmonger
parameter_defaults:
  EnableInternalTLS: true
resource_registry:
  OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
  OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml
  OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml
  # We use apache as a TLS proxy
  OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml