aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes
diff options
context:
space:
mode:
Diffstat (limited to 'releasenotes')
-rw-r--r--releasenotes/notes/Add-CRL-resource-d2263462d40f01c0.yaml4
-rw-r--r--releasenotes/notes/HAProxy-CRL-d05b555f92ff55ed.yaml6
2 files changed, 10 insertions, 0 deletions
diff --git a/releasenotes/notes/Add-CRL-resource-d2263462d40f01c0.yaml b/releasenotes/notes/Add-CRL-resource-d2263462d40f01c0.yaml
new file mode 100644
index 0000000..7826b87
--- /dev/null
+++ b/releasenotes/notes/Add-CRL-resource-d2263462d40f01c0.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The resource ::tripleo::certmonger::ca::crl was added. The purpose of this
+ resource is to fetch a CRL file and set up a cron job to refresh that file.
diff --git a/releasenotes/notes/HAProxy-CRL-d05b555f92ff55ed.yaml b/releasenotes/notes/HAProxy-CRL-d05b555f92ff55ed.yaml
new file mode 100644
index 0000000..cdfb859
--- /dev/null
+++ b/releasenotes/notes/HAProxy-CRL-d05b555f92ff55ed.yaml
@@ -0,0 +1,6 @@
+---
+security:
+ - If the crl_file parameter is given to the ::tripleo::haproxy resource and
+ TLS is enabled in the internal network, it will configure the CRL file for
+ all the nodes it's proxying and thus properly handle revocation of the
+ server certificates.