Revision 8edc3f0c
Added by James Powis over 7 years ago
templates/server/puppetserver/conf.d/webserver.conf.erb | ||
---|---|---|
ssl-cert: <%= scope.lookupvar('puppet::server::ssl_cert') %>
|
||
ssl-key: <%= scope.lookupvar('puppet::server::ssl_cert_key') %>
|
||
ssl-ca-cert: <%= scope.lookupvar('puppet::server::ssl_ca_cert') %>
|
||
<%- if scope.lookupvar('puppet::server::_crl_enable') -%>
|
||
ssl-crl-path: <%= scope.lookupvar('puppet::server::ssl_ca_crl') %>
|
||
<%- end -%>
|
||
<%- if scope.lookupvar('puppet::server::ca') -%>
|
||
ssl-cert-chain: <%= scope.lookupvar('puppet::server::ssl_chain') %>
|
||
ssl-crl-path: <%= scope.lookupvar('puppet::server::ssl_ca_crl') %>
|
||
<%- end -%>
|
||
}
|
Also available in: Unified diff
allow enabling crl when server_ca => false
This allows the CRL to be enabled when puppet_ca is disabled.
Additionally, provide the ability to sync #{ssldir}/ca/ca_crl.pem
contents to #{ssldir}/crl.pem from a master of masters.
closes GH-460