From 5bfef1a17cc2fd7208a3ef95a046a3820561b102 Mon Sep 17 00:00:00 2001
From: Mark Chappell <mchappel@redhat.com>
Date: Wed, 4 Nov 2015 12:18:22 +0100
Subject: Output the SSL Certificate and Key modulus

Provides a simple mechanism to verify the correct certificates
landed.

A quick and simple way to verify SSL certificates were generated for
a given key is by comparing the modulus of the two.  By outputing
the key modulus and certificate modulus we offer a way to verify
that the right cert and key have been deployed without compromising
any of the secrets.

Change-Id: I882c9840719a09795ba8057a19b0b3985e036c3c
---
 puppet/controller.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'puppet/controller.yaml')

diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 81fa6c11..05661e70 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -1396,3 +1396,9 @@ outputs:
           - {get_attr: [NodeTLSData, deploy_stdout]}
           - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
           - {get_param: UpdateIdentifier}
+  tls_key_modulus_md5:
+    description: MD5 checksum of the TLS Key Modulus
+    value: {get_attr: [NodeTLSData, key_modulus_md5]}
+  tls_cert_modulus_md5:
+    description: MD5 checksum of the TLS Certificate Modulus
+    value: {get_attr: [NodeTLSData, cert_modulus_md5]}
-- 
cgit 1.2.3-korg