Code Review / fuel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: f26e949)
Configure SubjectAltName for the proxy cert 79/41079/2
authorMichael Polenchuk <mpolenchuk@mirantis.com>
Tue, 5 Sep 2017 16:42:49 +0000 (20:42 +0400)
committerMichael Polenchuk <mpolenchuk@mirantis.com>
Wed, 6 Sep 2017 07:07:26 +0000 (11:07 +0400)
In order to avoid SubjectAltName warnings,
bring it into proxy ssl certificate.

Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Change-Id: I46fe9697469354bc028039cc1f030baae1ccd7fb

mcp/reclass/classes/cluster/baremetal-mcp-ocata-odl-ha/openstack/proxy.yml patch | blob | history
mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-dpdk-ha/openstack/proxy.yml patch | blob | history
mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-ha/openstack/proxy.yml patch | blob | history

diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-ocata-odl-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-ocata-odl-ha/openstack/proxy.yml
index ee5f639..4aa7bb0 100644 (file)
--- a/mcp/reclass/classes/cluster/baremetal-mcp-ocata-odl-ha/openstack/proxy.yml
+++ b/mcp/reclass/classes/cluster/baremetal-mcp-ocata-odl-ha/openstack/proxy.yml
@@ -34,3 +34,9 @@ parameters:
     system:
       package:
         libapache2-mod-wsgi:
+  salt:
+    minion:
+      cert:
+        proxy:
+          alternative_names: "IP:${_param:openstack_proxy_address}"
+          key_usage: 'digitalSignature, keyEncipherment'
diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-dpdk-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-dpdk-ha/openstack/proxy.yml
index 14fb3ab..c85909f 100644 (file)
--- a/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-dpdk-ha/openstack/proxy.yml
+++ b/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-dpdk-ha/openstack/proxy.yml
@@ -34,3 +34,9 @@ parameters:
     system:
       package:
         libapache2-mod-wsgi:
+  salt:
+    minion:
+      cert:
+        proxy:
+          alternative_names: "IP:${_param:openstack_proxy_address}"
+          key_usage: 'digitalSignature, keyEncipherment'
diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-ha/openstack/proxy.yml
index 30f2c46..5e9a2c5 100644 (file)
--- a/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-ha/openstack/proxy.yml
+++ b/mcp/reclass/classes/cluster/baremetal-mcp-ocata-ovs-ha/openstack/proxy.yml
@@ -34,3 +34,9 @@ parameters:
     system:
       package:
         libapache2-mod-wsgi:
+  salt:
+    minion:
+      cert:
+        proxy:
+          alternative_names: "IP:${_param:openstack_proxy_address}"
+          key_usage: 'digitalSignature, keyEncipherment'