openstack/tripleo-heat-templates
Code Issues Proposed changes
a31e100caf
tripleo-heat-templates/environments/public-tls-undercloud.yaml
Rabi Mishra 2acb0d376b Add new parameter PublicTLSCACert 
We've been using InternalTLSCAFile parameter when enabling
public TLS for undercloud and is quite confusing. We recently
changed to use it in clouds.yaml and it would break when
both public and internal TLS are enabled for overcloud and both
use different CA certs. This adds a new parameter which we
will use in clouds.yaml, that would default to empty string
assuming that the certificates are trusted.

Closes-Bug: #1883818
Change-Id: Id6f612a91255b3158be821c363ca852c6b5d7496
Depends-On: https://review.opendev.org/737998
2020-06-25 09:31:00 -04:00

8 lines
324 B
YAML
Raw Blame History

parameter_defaults:
InternalTLSCAFile: '/etc/pki/ca-trust/source/anchors/cm-local-ca.pem'
PublicTLSCAFile: '/etc/pki/ca-trust/source/anchors/cm-local-ca.pem'
PublicSSLCertificateAutogenerated: true
resource_registry:
OS::TripleO::Services::HAProxyPublicTLS: ../deployment/haproxy/haproxy-public-tls-certmonger.yaml
View Git Blame Copy Permalink