tripleo

  1. Bug #1712514
  2. Comment #5

Comment 5 for bug 1712514

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-tripleo (stable/pike)

Reviewed: https://review.openstack.org/498308
Committed: https://git.openstack.org/cgit/openstack/puppet-tripleo/commit/?id=eae8fb5186369e53da3d9003cb0161c518f1188a
Submitter: Jenkins
Branch: stable/pike

commit eae8fb5186369e53da3d9003cb0161c518f1188a
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Wed Aug 23 12:20:20 2017 +0300

    HAProxy: Make certmonger bundle the cert and key on renewal

    the postsave command is ran by certmonger when a certificate is
    requested (which will happen on certificate renewal). The previous
    command given didn't take into account the file that haproxy expects,
    which is a bundled PEM file with both the certificate and the key. Thus,
    certmonger would have never generated a new bundle that haproxy would
    use, resulting in haproxy always having an old bundle after certificate
    expiration.

    This fixes that.

    Change-Id: Idb650d35f56abaf6a17e17794a068dd5933e6a62
    Closes-Bug: #1712514
    (cherry picked from commit e1791a37d557b14bb8f833363cabe5c98e151548)