1 files changed, 8 insertions, 2 deletions

diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index 9bd282f8..a2c3c7af 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -64,6 +64,7 @@ outputs:
             # internal_api_uri -> [IP]
             # internal_api_subnet - > IP/CIDR
             apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
+            apache::default_vhost: false
             apache::server_signature: 'Off'
             apache::server_tokens: 'Prod'
             apache_remote_proxy_ips_network:
@@ -77,13 +78,15 @@ outputs:
               - "%{hiera('apache_remote_proxy_ips_network')}"
           -
             generate_service_certificates: true
+            tripleo::certmonger::apache_dirs::certificate_dir: '/etc/pki/tls/certs/httpd'
+            tripleo::certmonger::apache_dirs::key_dir: '/etc/pki/tls/private/httpd'
             apache_certificates_specs:
               map_merge:
                 repeat:
                   template:
                     httpd-NETWORK:
-                      service_certificate: '/etc/pki/tls/certs/httpd-NETWORK.crt'
-                      service_key: '/etc/pki/tls/private/httpd-NETWORK.key'
+                      service_certificate: '/etc/pki/tls/certs/httpd/httpd-NETWORK.crt'
+                      service_key: '/etc/pki/tls/private/httpd/httpd-NETWORK.key'
                       hostname: "%{hiera('fqdn_NETWORK')}"
                       principal: "HTTP/%{hiera('fqdn_NETWORK')}"
                   for_each:
@@ -110,3 +113,6 @@ outputs:
           shell: /usr/bin/systemctl show 'httpd' --property ActiveState | grep '\bactive\b'
           when: httpd_enabled.rc == 0
           tags: step0,validation
+        - name: Ensure mod_ssl package is installed
+          tags: step3
+          yum: name=mod_ssl state=latest