diff options
author | Andrew Butcher <abutcher@redhat.com> | 2017-10-09 10:42:19 -0400 |
---|---|---|
committer | Andrew Butcher <abutcher@redhat.com> | 2017-10-09 10:42:19 -0400 |
commit | db2363e1aacfa472d55c8421211061240a6f49fb (patch) | |
tree | 90486ad95083d35a40e4a61e579a452392f7740e | |
parent | b37c5e648736c11913c56ee2b9620920ef42e99e (diff) | |
download | openshift-db2363e1aacfa472d55c8421211061240a6f49fb.tar.gz openshift-db2363e1aacfa472d55c8421211061240a6f49fb.tar.bz2 openshift-db2363e1aacfa472d55c8421211061240a6f49fb.tar.xz openshift-db2363e1aacfa472d55c8421211061240a6f49fb.zip |
Ensure servingInfo.clientCA is set as ca.crt rather than ca-bundle.crt.
-rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml | 4 | ||||
-rw-r--r-- | roles/openshift_master/templates/master.yaml.v1.j2 | 4 |
2 files changed, 2 insertions, 6 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml index e4193a00e..2068ed199 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml @@ -44,8 +44,8 @@ - modify_yaml: dest: "{{ openshift.common.config_base }}/master/master-config.yaml" yaml_key: servingInfo.clientCA - yaml_value: ca-bundle.crt - when: (g_master_config_output.content|b64decode|from_yaml).servingInfo.clientCA != 'ca-bundle.crt' + yaml_value: ca.crt + when: (g_master_config_output.content|b64decode|from_yaml).servingInfo.clientCA != 'ca.crt' - modify_yaml: dest: "{{ openshift.common.config_base }}/master/master-config.yaml" yaml_key: etcdClientInfo.ca diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index d045b402b..9b3fbcf49 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -251,11 +251,7 @@ servingInfo: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.api_port }} bindNetwork: tcp4 certFile: master.server.crt -{% if openshift.common.version_gte_3_2_or_1_2 | bool %} - clientCA: ca-bundle.crt -{% else %} clientCA: ca.crt -{% endif %} keyFile: master.server.key maxRequestsInFlight: {{ openshift.master.max_requests_inflight }} requestTimeoutSeconds: 3600 |