Merge "Output the SSL Certificate and Key modulus"

[apex-tripleo-heat-templates.git] / puppet / extraconfig / tls / tls-cert-inject.yaml

diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index b4564fc..739a51a 100644 (file)
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -49,6 +49,8 @@ resources:
         - name: cert_chain_content
       outputs:
         - name: chain_md5sum
+        - name: cert_modulus
+        - name: key_modulus
       config: |
         #!/bin/sh
         cat << EOF | tee ${cert_path} > /dev/null
@@ -57,6 +59,12 @@ resources:
         chmod 0440 ${cert_path}
         chown root:haproxy ${cert_path}
         md5sum ${cert_path} > ${heat_outputs_path}.chain_md5sum
+        openssl x509 -noout -modulus -in ${cert_path} \
+          | openssl md5 | cut -c 10- \
+          > ${heat_outputs_path}.cert_modulus
+        openssl rsa -noout -modulus -in ${cert_path} \
+          | openssl md5 | cut -c 10- \
+          > ${heat_outputs_path}.key_modulus
 
   ControllerTLSDeployment:
     type: OS::Heat::SoftwareDeployment
@@ -79,3 +87,9 @@ outputs:
   deployed_ssl_certificate_path:
     description: The location that the TLS certificate was deployed to.
     value: {get_param: DeployedSSLCertificatePath}
+  key_modulus_md5:
+    description: MD5 checksum of the Key SSL Modulus
+    value: {get_attr: [ControllerTLSDeployment, key_modulus]}
+  cert_modulus_md5:
+    description: MD5 checksum of the Certificate SSL Modulus
+    value: {get_attr: [ControllerTLSDeployment, cert_modulus]}