14 lines
690 B
YAML
14 lines
690 B
YAML
---
|
|
fixes:
|
|
- |
|
|
InternalTLSNbdCAFile, InternalTLSVncCAFile and InternalTLSQemuCAFile
|
|
do not point to the default IPA ca.crt file and instead are requested
|
|
to be loaded to component specific CA files (even if they are the same).
|
|
This can lead to a race where the CA cert is not being written by
|
|
certmonger in time.
|
|
Ib868465c20d97c62cbcb214bfc62d949bd6efc62 already changed the default to
|
|
use the IPA system cacert file '/etc/ipa/ca.crt' per default starting with
|
|
the wallaby release using the ansible role. This change backports to also
|
|
use the IPA system cacert file '/etc/ipa/ca.crt' to previous release when
|
|
managing the certs via puppet-tripleo.
|