tlu/salt/states/rancher/files/rancher-server.cnf.jinja

30 lines
1.1 KiB
Plaintext
Raw Normal View History

2021-11-05 15:06:45 +00:00
[req]
default_bits = 2048
distinguished_name = req_distinguished_name
x509_extensions = v3_server_sign
string_mask = utf8only
prompt = no
req_extensions = v3_req
[v3_server_sign]
basicConstraints = CA:false
nsComment = "Rancher Server Certificate"
nsCertType = server
keyUsage = digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = serverAuth, clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
subjectAltName = @alt_names
[v3_req]
basicConstraints = CA:false
keyUsage = digitalSignature, keyEncipherment, keyAgreement
subjectAltName = @alt_names
[req_distinguished_name]
CN = rancher.{{ pillar['network']['domain'] }}
[alt_names]
DNS.0 = rancher.{{ pillar['network']['domain'] }}
IP.0 = {{ pillar['network']['ip'] }}