2 files changed, 36 insertions, 0 deletions

diff --git a/overcloud-source.yaml b/overcloud-source.yaml
index 070ffe8c..742429f1 100644
--- a/overcloud-source.yaml
+++ b/overcloud-source.yaml
@@ -173,6 +173,15 @@ parameters:
     description: Keystone key for signing tokens.
     type: string
     hidden: true
+  KeystoneSSLCertificate:
+    default: ''
+    description: Keystone certificate for verifying token validity.
+    type: string
+  KeystoneSSLCertificateKey:
+    default: ''
+    description: Keystone key for signing tokens.
+    type: string
+    hidden: true
   LiveUpdateComputeImage:
     type: string
     description: The image ID for live-updates to the overcloud compute nodes.
@@ -334,6 +343,16 @@ parameters:
     default: guest
     description: The username for RabbitMQ
     type: string
+  RabbitClientUseSSL:
+    default: false
+    description: >
+        Rabbit client subscriber parameter to specify
+        an SSL connection to the RabbitMQ host.
+    type: string
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
   SnmpdReadonlyUserName:
     default: ro_snmp_user
     description: The user name for SNMPd with readonly rights running on all Overcloud nodes
@@ -560,6 +579,9 @@ resources:
           ca_certificate: {get_param: KeystoneCACertificate}
           signing_key: {get_param: KeystoneSigningKey}
           signing_certificate: {get_param: KeystoneSigningCertificate}
+          ssl:
+              certificate: {get_param: KeystoneSSLCertificate}
+              certificate_key: {get_param: KeystoneSSLCertificateKey}
         mysql:
           innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
           local_bind: true
@@ -648,6 +670,8 @@ resources:
             get_attr:
             - RabbitCookie
             - value
+          rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
+          rabbit_port: {get_param: RabbitClientPort}
         ntp:
           servers:
               - {server: {get_param: NtpServer}, fudge: "stratum 0"}
diff --git a/undercloud-source.yaml b/undercloud-source.yaml
index 94795934..67c3e6d6 100644
--- a/undercloud-source.yaml
+++ b/undercloud-source.yaml
@@ -115,6 +115,15 @@ parameters:
     description: Keystone key for signing tokens.
     type: string
     hidden: true
+  KeystoneSSLCertificate:
+    default: ''
+    description: Keystone certificate for verifying token validity.
+    type: string
+  KeystoneSSLCertificateKey:
+    default: ''
+    description: Keystone key for signing tokens.
+    type: string
+    hidden: true
   HeatPassword:
     default: unset
     description: The password for the Heat service account, used by the Heat services.
@@ -291,6 +300,9 @@ resources:
           ca_certificate: {get_param: KeystoneCACertificate}
           signing_key: {get_param: KeystoneSigningKey}
           signing_certificate: {get_param: KeystoneSigningCertificate}
+          ssl:
+              certificate: {get_param: KeystoneSSLCertificate}
+              certificate_key: {get_param: KeystoneSSLCertificateKey}
         mysql:
           innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
           root-password: {get_resource: MysqlRootPassword}