summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--puppet/services/haproxy.yaml6
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index a71491c0..619cf131 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -50,6 +50,11 @@ parameters:
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
+ InternalTLSCRLPEMFile:
+ default: '/etc/pki/CA/crl/overcloud-crl.pem'
+ type: string
+ description: Specifies the default CRL PEM file to use for revocation if
+ TLS is used for services in the internal network.
resources:
@@ -89,6 +94,7 @@ outputs:
tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
tripleo::haproxy::redis_password: {get_param: RedisPassword}
tripleo::haproxy::ca_bundle: {get_param: InternalTLSCAFile}
+ tripleo::haproxy::crl_file: {get_param: InternalTLSCRLPEMFile}
tripleo::profile::base::haproxy::certificates_specs:
map_merge:
- get_attr: [HAProxyPublicTLS, role_data, certificates_specs]