summaryrefslogtreecommitdiffstats
path: root/manifests
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-06-21 13:28:18 +0000
committerGerrit Code Review <review@openstack.org>2017-06-21 13:28:18 +0000
commit620d5bacef10cf309fc2d4e41b6f875e19f3a7f2 (patch)
tree6a5220fcfefcd4d6fb4fc556b4385a4ca761d041 /manifests
parent6d2bbf3a2408d96a642805b58f9a9174ba6b2ee4 (diff)
parent5d36fa2348b2ff7aa8ad668f56b160515ed128fe (diff)
Merge "Allow certmonger mysql resource to use several DNS names"
Diffstat (limited to 'manifests')
-rw-r--r--manifests/certmonger/mysql.pp9
1 files changed, 8 insertions, 1 deletions
diff --git a/manifests/certmonger/mysql.pp b/manifests/certmonger/mysql.pp
index dd9b184..0988c55 100644
--- a/manifests/certmonger/mysql.pp
+++ b/manifests/certmonger/mysql.pp
@@ -31,6 +31,12 @@
# (Optional) The CA that certmonger will use to generate the certificates.
# Defaults to hiera('certmonger_ca', 'local').
#
+# [*dnsnames*]
+# (Optional) The DNS names that will be added for the SubjectAltNames entry
+# in the certificate. If left unset, the value will be set to the $hostname.
+# This parameter can take both a string or an array of strings.
+# Defaults to $hostname
+#
# [*principal*]
# (Optional) The haproxy service principal that is set for MySQL in kerberos.
# Defaults to undef
@@ -40,6 +46,7 @@ class tripleo::certmonger::mysql (
$service_certificate,
$service_key,
$certmonger_ca = hiera('certmonger_ca', 'local'),
+ $dnsnames = $hostname,
$principal = undef,
) {
include ::certmonger
@@ -51,7 +58,7 @@ class tripleo::certmonger::mysql (
certfile => $service_certificate,
keyfile => $service_key,
hostname => $hostname,
- dnsname => $hostname,
+ dnsname => $dnsnames,
principal => $principal,
postsave_cmd => $postsave_cmd,
ca => $certmonger_ca,