Enable TLS for rabbitmq's replication traffic
This follows the RabbitMQ docs [1] for enabling TLS for the replication
traffic. It reuses the certificate that rabbitmq already has.
Unfortunately, pacemaker uses the shortname for the rabbitmq nodes, so
we are not able to do proper verification of the certificates, since we
can't allocate a certificate for shortnames. So, until pacemaker can
track the rabbit nodes through their FQDNs, we don't set any verification
options.
[1] https://www.rabbitmq.com/clustering-ssl.html
Depends on: https://github.com/voxpupuli/puppet-rabbitmq/pull/574
bp tls-via-certmonger
Co-Authored-By: Alex Schultz <aschultz@redhat.com>
Change-Id: I265c89cb8898a6da78a606664a22c50f5e57a847
(cherry picked from commit
52404b85dc140d9ddc4605365454df0e052ee2cb)
Code Review / apex-puppet-tripleo.git / commit