Add SSLCACertificate to the overcloud yaml.
This allows a CA certificate to be specified in cases where the Cert
does not come from a CA in the system bundle.
Partially implements: blueprint tripleo-ssl-overcloud
Full set of blueprint changes:
https://review.openstack.org/#/c/85098
https://review.openstack.org/#/c/85099
https://review.openstack.org/#/c/85100
Change-Id: I67d7c1362df323762023be5c74fbe75b1583570c
input_values:
ssl_certificate: {Ref: SSLCertificate}
ssl_key: {Ref: SSLKey}
+ ssl_ca_certificate: {Ref: SSLCACertificate}
controller0Passthrough:
Type: OS::Heat::StructuredDeployment
Properties:
Description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
Type: String
NoEcho: true
+ SSLCACertificate:
+ Default: ''
+ Description: If set, the contents of an SSL certificate authority file.
+ Type: String
Resources:
SSLConfig:
Type: OS::Heat::StructuredConfig
get_input: ssl_certificate
key:
get_input: ssl_key
+ cacert:
+ get_input: ssl_ca_certificate
ports:
- name: 'ec2'
accept: 13773