Skip to content
Snippets Groups Projects
Commit c8cadf2b authored by Dennis Ahrens's avatar Dennis Ahrens
Browse files

Remove client_ca from certificates

parent 4749e220
No related branches found
No related tags found
No related merge requests found
...@@ -163,8 +163,6 @@ Each cert may have the following fields: ...@@ -163,8 +163,6 @@ Each cert may have the following fields:
The certificate chain. The certificate chain.
* `dhparam` **recommended** * `dhparam` **recommended**
The diffie hellman parameter. The diffie hellman parameter.
* `client_ca`
A client certificate which you may use to authenticate using TLS.
The states will create a bunch of files in the `deploy.config.cert_directory`. The states will create a bunch of files in the `deploy.config.cert_directory`.
...@@ -172,7 +170,6 @@ The states will create a bunch of files in the `deploy.config.cert_directory`. ...@@ -172,7 +170,6 @@ The states will create a bunch of files in the `deploy.config.cert_directory`.
* `certname.key` * `certname.key`
* `certname.chain.pem` * `certname.chain.pem`
* `certname.dhparam.pem` * `certname.dhparam.pem`
* `certname.client_ca.pem`
* `certname.fullchain.pem` * `certname.fullchain.pem`
`pem` + `chain` `pem` + `chain`
* `certname.fullchain.dhparam.pem` * `certname.fullchain.dhparam.pem`
......
...@@ -94,18 +94,4 @@ sslcert_{{ name }}_fullchain_dhparam: ...@@ -94,18 +94,4 @@ sslcert_{{ name }}_fullchain_dhparam:
- file: deploy_cert_create_dir - file: deploy_cert_create_dir
{% endif %} {% endif %}
{% if cert.client_ca is defined %}
ssl_cert_{{ name }}_client_ca:
file.managed:
- name: {{ deploy.config.cert_directory }}/{{ name }}.client_ca.pem
- user: root
- group: hsh-certs
- mode: 640
- template: jinja
- show_diff: False
- contents: {{ cert.client_ca.split("\n") }}
- requires:
- file: deploy_cert_create_dir
{% endif %}
#}
{% endfor %} {% endfor %}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment