diff options
Diffstat (limited to 'puppet/extraconfig/tls')
-rw-r--r-- | puppet/extraconfig/tls/no-tls.yaml | 6 | ||||
-rw-r--r-- | puppet/extraconfig/tls/tls-cert-inject.yaml | 14 |
2 files changed, 20 insertions, 0 deletions
diff --git a/puppet/extraconfig/tls/no-tls.yaml b/puppet/extraconfig/tls/no-tls.yaml index d2dfdfa4..2da209cb 100644 --- a/puppet/extraconfig/tls/no-tls.yaml +++ b/puppet/extraconfig/tls/no-tls.yaml @@ -26,3 +26,9 @@ outputs: value: 'TLS not enabled.' deployed_ssl_certificate_path: value: '' + key_modulus_md5: + description: Key SSL Modulus + value: '' + cert_modulus_md5: + description: Certificate SSL Modulus + value: '' diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml index b4564fc7..739a51ad 100644 --- a/puppet/extraconfig/tls/tls-cert-inject.yaml +++ b/puppet/extraconfig/tls/tls-cert-inject.yaml @@ -49,6 +49,8 @@ resources: - name: cert_chain_content outputs: - name: chain_md5sum + - name: cert_modulus + - name: key_modulus config: | #!/bin/sh cat << EOF | tee ${cert_path} > /dev/null @@ -57,6 +59,12 @@ resources: chmod 0440 ${cert_path} chown root:haproxy ${cert_path} md5sum ${cert_path} > ${heat_outputs_path}.chain_md5sum + openssl x509 -noout -modulus -in ${cert_path} \ + | openssl md5 | cut -c 10- \ + > ${heat_outputs_path}.cert_modulus + openssl rsa -noout -modulus -in ${cert_path} \ + | openssl md5 | cut -c 10- \ + > ${heat_outputs_path}.key_modulus ControllerTLSDeployment: type: OS::Heat::SoftwareDeployment @@ -79,3 +87,9 @@ outputs: deployed_ssl_certificate_path: description: The location that the TLS certificate was deployed to. value: {get_param: DeployedSSLCertificatePath} + key_modulus_md5: + description: MD5 checksum of the Key SSL Modulus + value: {get_attr: [ControllerTLSDeployment, key_modulus]} + cert_modulus_md5: + description: MD5 checksum of the Certificate SSL Modulus + value: {get_attr: [ControllerTLSDeployment, cert_modulus]} |