add cname support

This commit is contained in:
nazunalika 2021-01-21 19:22:55 -07:00
parent a5367f126c
commit 467a3d6a7f
2 changed files with 15 additions and 0 deletions

View File

@ -28,6 +28,16 @@ ipa_getcert_requested_hostnames:
# nss_db_dir: /etc/pki/tls/nss
# nss_nickname: name
# If you are using cnames
# ipa_getcert_requested_hostnames:
# - name: name
# postcmd: "/bin/systemctl restart httpd"
# owner: apache
# key_location: /etc/pki/tls/private/web.crt
# cert_location: /etc/pki/tls/certs/web.crt
# cnames:
# - cname.example.com
# This feature coming soon
#ipa_getcert_fqdn_symlink: true

View File

@ -15,6 +15,11 @@ fi
-I "{{ ipahosts.name }}" \
-N "CN={{ ipahosts.name }}" \
-D "{{ ipahosts.name }}" \
{% if ipahosts.cnames is defined %}
{% for cname in ipahosts.cnames %}
-D "{{ cname }}" \
{% endfor %}
{% endif %}
{% if ipa_getcert_nss %}
-d "${nss_db_path}" \
-n {{ ipahosts.nss_nickname | default(ansible_fqdn) }} \