commit e1791a37d557b14bb8f833363cabe5c98e151548
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Wed Aug 23 12:20:20 2017 +0300
HAProxy: Make certmonger bundle the cert and key on renewal
the postsave command is ran by certmonger when a certificate is
requested (which will happen on certificate renewal). The previous
command given didn't take into account the file that haproxy expects,
which is a bundled PEM file with both the certificate and the key. Thus,
certmonger would have never generated a new bundle that haproxy would
use, resulting in haproxy always having an old bundle after certificate
expiration.
Reviewed: https:/ /review. openstack. org/496572 /git.openstack. org/cgit/ openstack/ puppet- tripleo/ commit/ ?id=e1791a37d55 7b14bb8f833363c abe5c98e151548
Committed: https:/
Submitter: Jenkins
Branch: master
commit e1791a37d557b14 bb8f833363cabe5 c98e151548
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Wed Aug 23 12:20:20 2017 +0300
HAProxy: Make certmonger bundle the cert and key on renewal
the postsave command is ran by certmonger when a certificate is
requested (which will happen on certificate renewal). The previous
command given didn't take into account the file that haproxy expects,
which is a bundled PEM file with both the certificate and the key. Thus,
certmonger would have never generated a new bundle that haproxy would
use, resulting in haproxy always having an old bundle after certificate
expiration.
This fixes that.
Change-Id: Idb650d35f56aba f6a17e17794a068 dd5933e6a62
Closes-Bug: #1712514