commit eae8fb5186369e53da3d9003cb0161c518f1188a
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Wed Aug 23 12:20:20 2017 +0300
HAProxy: Make certmonger bundle the cert and key on renewal
the postsave command is ran by certmonger when a certificate is
requested (which will happen on certificate renewal). The previous
command given didn't take into account the file that haproxy expects,
which is a bundled PEM file with both the certificate and the key. Thus,
certmonger would have never generated a new bundle that haproxy would
use, resulting in haproxy always having an old bundle after certificate
expiration.
This fixes that.
Change-Id: Idb650d35f56abaf6a17e17794a068dd5933e6a62
Closes-Bug: #1712514
(cherry picked from commit e1791a37d557b14bb8f833363cabe5c98e151548)
Reviewed: https:/ /review. openstack. org/498308 /git.openstack. org/cgit/ openstack/ puppet- tripleo/ commit/ ?id=eae8fb51863 69e53da3d9003cb 0161c518f1188a
Committed: https:/
Submitter: Jenkins
Branch: stable/pike
commit eae8fb5186369e5 3da3d9003cb0161 c518f1188a
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Wed Aug 23 12:20:20 2017 +0300
HAProxy: Make certmonger bundle the cert and key on renewal
the postsave command is ran by certmonger when a certificate is
requested (which will happen on certificate renewal). The previous
command given didn't take into account the file that haproxy expects,
which is a bundled PEM file with both the certificate and the key. Thus,
certmonger would have never generated a new bundle that haproxy would
use, resulting in haproxy always having an old bundle after certificate
expiration.
This fixes that.
Change-Id: Idb650d35f56aba f6a17e17794a068 dd5933e6a62 bb8f833363cabe5 c98e151548)
Closes-Bug: #1712514
(cherry picked from commit e1791a37d557b14