diff options
| author | Devan Goodwin <dgoodwin@redhat.com> | 2015-11-03 14:37:27 -0400 |
|---|---|---|
| committer | Devan Goodwin <dgoodwin@redhat.com> | 2015-11-03 14:37:27 -0400 |
| commit | 9d05b8c192a462c9d6a37586fc27cbd93f80ff65 (patch) | |
| tree | 85696c092269859010348ede6fe80ba4c1124543 /roles/etcd_ca/templates | |
| parent | ab83e16dbed3eb5cf1dff96992509439d2739550 (diff) | |
| parent | 3d3f2875bb89cdbdeadd7da4868355669ba12122 (diff) | |
| download | openshift-9d05b8c192a462c9d6a37586fc27cbd93f80ff65.tar.gz openshift-9d05b8c192a462c9d6a37586fc27cbd93f80ff65.tar.bz2 openshift-9d05b8c192a462c9d6a37586fc27cbd93f80ff65.tar.xz openshift-9d05b8c192a462c9d6a37586fc27cbd93f80ff65.zip | |
Merge remote-tracking branch 'upstream/master' into upgrade
Diffstat (limited to 'roles/etcd_ca/templates')
| -rw-r--r-- | roles/etcd_ca/templates/openssl_append.j2 | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/roles/etcd_ca/templates/openssl_append.j2 b/roles/etcd_ca/templates/openssl_append.j2 index de2adaead..f28316fc2 100644 --- a/roles/etcd_ca/templates/openssl_append.j2 +++ b/roles/etcd_ca/templates/openssl_append.j2 @@ -1,20 +1,20 @@ -[ etcd_v3_req ] +[ {{ etcd_req_ext }} ] basicConstraints = critical,CA:FALSE keyUsage = digitalSignature,keyEncipherment subjectAltName = ${ENV::SAN} -[ etcd_ca ] +[ {{ etcd_ca_name }} ] dir = {{ etcd_ca_dir }} -crl_dir = $dir/crl -database = $dir/index.txt -new_certs_dir = $dir/certs -certificate = $dir/ca.crt -serial = $dir/serial -private_key = $dir/ca.key -crl_number = $dir/crlnumber -x509_extensions = etcd_v3_ca_client -default_days = 365 +crl_dir = {{ etcd_ca_crl_dir }} +database = {{ etcd_ca_db }} +new_certs_dir = {{ etcd_ca_new_certs_dir }} +certificate = {{ etcd_ca_cert }} +serial = {{ etcd_ca_serial }} +private_key = {{ etcd_ca_key }} +crl_number = {{ etcd_ca_crl_number }} +x509_extensions = {{ etcd_ca_exts_client }} +default_days = {{ etcd_ca_default_days }} default_md = sha256 preserve = no name_opt = ca_default @@ -23,27 +23,27 @@ policy = policy_anything unique_subject = no copy_extensions = copy -[ etcd_v3_ca_self ] +[ {{ etcd_ca_exts_self }} ] authorityKeyIdentifier = keyid,issuer basicConstraints = critical,CA:TRUE,pathlen:0 keyUsage = critical,digitalSignature,keyEncipherment,keyCertSign subjectKeyIdentifier = hash -[ etcd_v3_ca_peer ] +[ {{ etcd_ca_exts_peer }} ] authorityKeyIdentifier = keyid,issuer:always basicConstraints = critical,CA:FALSE extendedKeyUsage = clientAuth,serverAuth keyUsage = digitalSignature,keyEncipherment subjectKeyIdentifier = hash -[ etcd_v3_ca_server ] +[ {{ etcd_ca_exts_server }} ] authorityKeyIdentifier = keyid,issuer:always basicConstraints = critical,CA:FALSE extendedKeyUsage = serverAuth keyUsage = digitalSignature,keyEncipherment subjectKeyIdentifier = hash -[ etcd_v3_ca_client ] +[ {{ etcd_ca_exts_client }} ] authorityKeyIdentifier = keyid,issuer:always basicConstraints = critical,CA:FALSE extendedKeyUsage = clientAuth |