Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Revert "Blacklist support for ExtraConfig""
[apex-tripleo-heat-templates.git] / puppet / services / apache.yaml
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index f302106..23fcab9 100644 (file)
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
 
 description: >
   Apache service configured with Puppet. Note this is typically included
@@ -38,6 +38,11 @@ parameters:
   EnableInternalTLS:
     type: boolean
     default: false
+  InternalTLSCAFile:
+    default: '/etc/ipa/ca.crt'
+    type: string
+    description: Specifies the default CA cert to use if TLS is used for
+                 services in the internal network.
 
 conditions:
 
@@ -88,6 +93,7 @@ outputs:
             - internal_tls_enabled
             -
               generate_service_certificates: true
+              apache::mod::ssl::ssl_ca: {get_param: InternalTLSCAFile}
               tripleo::certmonger::apache_dirs::certificate_dir: '/etc/pki/tls/certs/httpd'
               tripleo::certmonger::apache_dirs::key_dir: '/etc/pki/tls/private/httpd'
               apache_certificates_specs: