diff options
| author |   Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-06-19 12:33:19 +0000 |
|---|---|---|
| committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-06-21 08:39:18 +0000 |
| commit | 5d36fa2348b2ff7aa8ad668f56b160515ed128fe (patch) | |
| tree | 39ecf01f01fdc8a9fc33ebb3028e158492fc6158 /manifests/certmonger | |
| parent | 8ca7a1e390ce50ac66a6861dae59bb44fbf0324a (diff) | |
Allow certmonger mysql resource to use several DNS names
This allows for several SubjectAltNames which will subsequently be
used for the replication traffic as well.
bp tls-via-certmonger
Change-Id: Ic68266eaf39d6803f7c3e299095578bbcfd63b88
Diffstat (limited to 'manifests/certmonger')
| -rw-r--r-- | manifests/certmonger/mysql.pp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/manifests/certmonger/mysql.pp b/manifests/certmonger/mysql.pp index dd9b184..0988c55 100644 --- a/manifests/certmonger/mysql.pp +++ b/manifests/certmonger/mysql.pp @@ -31,6 +31,12 @@ # (Optional) The CA that certmonger will use to generate the certificates. # Defaults to hiera('certmonger_ca', 'local'). # +# [*dnsnames*] +# (Optional) The DNS names that will be added for the SubjectAltNames entry +# in the certificate. If left unset, the value will be set to the $hostname. +# This parameter can take both a string or an array of strings. +# Defaults to $hostname +# # [*principal*] # (Optional) The haproxy service principal that is set for MySQL in kerberos. # Defaults to undef @@ -40,6 +46,7 @@ class tripleo::certmonger::mysql ( $service_certificate, $service_key, $certmonger_ca = hiera('certmonger_ca', 'local'), + $dnsnames = $hostname, $principal = undef, ) { include ::certmonger @@ -51,7 +58,7 @@ class tripleo::certmonger::mysql ( certfile => $service_certificate, keyfile => $service_key, hostname => $hostname, - dnsname => $hostname, + dnsname => $dnsnames, principal => $principal, postsave_cmd => $postsave_cmd, ca => $certmonger_ca, |