Allow certmonger mysql resource to use several DNS names

author Juan Antonio Osorio Robles <jaosorior@redhat.com>

Mon, 19 Jun 2017 12:33:19 +0000 (12:33 +0000)

committer Juan Antonio Osorio Robles <jaosorior@redhat.com>

Wed, 21 Jun 2017 08:39:18 +0000 (08:39 +0000)
author Juan Antonio Osorio Robles <jaosorior@redhat.com>
Mon, 19 Jun 2017 12:33:19 +0000 (12:33 +0000)
committer Juan Antonio Osorio Robles <jaosorior@redhat.com>
Wed, 21 Jun 2017 08:39:18 +0000 (08:39 +0000)
diff --git a/manifests/certmonger/mysql.pp b/manifests/certmonger/mysql.pp

index dd9b184..0988c55 100644 (file)
--- a/manifests/certmonger/mysql.pp
+++ b/manifests/certmonger/mysql.pp
@@ -31,6 +31,12 @@
  #   (Optional) The CA that certmonger will use to generate the certificates.
  #   Defaults to hiera('certmonger_ca', 'local').
  #
+# [*dnsnames*]
+#   (Optional) The DNS names that will be added for the SubjectAltNames entry
+#   in the certificate. If left unset, the value will be set to the $hostname.
+#   This parameter can take both a string or an array of strings.
+#   Defaults to $hostname
+#
  # [*principal*]
  #   (Optional) The haproxy service principal that is set for MySQL in kerberos.
  #   Defaults to undef
@@ -40,6 +46,7 @@ class tripleo::certmonger::mysql (
    $service_certificate,
    $service_key,
    $certmonger_ca = hiera('certmonger_ca', 'local'),
+  $dnsnames      = $hostname,
    $principal     = undef,
  ) {
    include ::certmonger
@@ -51,7 +58,7 @@ class tripleo::certmonger::mysql (
      certfile     => $service_certificate,
      keyfile      => $service_key,
      hostname     => $hostname,
-    dnsname      => $hostname,
+    dnsname      => $dnsnames,
      principal    => $principal,
      postsave_cmd => $postsave_cmd,
      ca           => $certmonger_ca,
author	Juan Antonio Osorio Robles <jaosorior@redhat.com>
	Mon, 19 Jun 2017 12:33:19 +0000 (12:33 +0000)
committer	Juan Antonio Osorio Robles <jaosorior@redhat.com>
	Wed, 21 Jun 2017 08:39:18 +0000 (08:39 +0000)