openstack/tripleo-heat-templates
Code Issues Proposed changes
d58efb58e0
tripleo-heat-templates/environments/ssl/enable-tls.yaml
Rabi Mishra cf5382daf7 Use empty string for overcloud InternalTLSCAFile param 
Not all deployments have the file in the current default location
and rather use trusted certs for public tls. This also creates
issues in downstream jobs that don't inject overcloud ca with
environment/inject-trust-anchor.yaml

This default will ensure that it works in those scenarios.

Change-Id: Ib71c3e2be2b8dc57f3c9107c6ddab47cd6594202
Related-Bug: #1880936
2020-06-03 11:15:04 +05:30

46 lines
1.7 KiB
YAML
Raw Blame History

# *******************************************************************
# This file was created automatically by the sample environment
# generator. Developers should use `tox -e genconfig` to update it.
# Users are recommended to make changes to a copy of the file instead
# of the original, if any customizations are needed.
# *******************************************************************
# title: Enable SSL on OpenStack Public Endpoints
# description: |
# Use this environment to pass in certificates for SSL deployments.
# For these values to take effect, one of the tls-endpoints-*.yaml
# environments must also be used.
parameter_defaults:
# Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in Horizon
# Type: boolean
HorizonSecureCookies: True
# Specifies the default CA cert to use if TLS is used for services in the internal network.
# Type: string
InternalTLSCAFile: ''
# The content of the SSL certificate (without Key) in PEM format.
# Type: string
SSLCertificate: |
The contents of your certificate go here
# The content of an SSL intermediate CA certificate in PEM format.
# Type: string
SSLIntermediateCertificate: ''
# The content of the SSL Key in PEM format.
# Type: string
SSLKey: |
The contents of the private key go here
# ******************************************************
# Static parameters - these are values that must be
# included in the environment but should not be changed.
# ******************************************************
# The filepath of the certificate as it will be stored in the controller.
# Type: string
DeployedSSLCertificatePath: /etc/pki/tls/private/overcloud_endpoint.pem
# *********************
# End static parameters
# *********************
View Git Blame Copy Permalink