tlu/salt/states/rmt/files/rmt-server.cnf.jinja

34 lines
1.2 KiB
Plaintext
Raw Normal View History

2021-09-25 12:09:55 +00:00
[req]
default_bits = 2048
distinguished_name = req_distinguished_name
x509_extensions = v3_server_sign
string_mask = utf8only
prompt = no
req_extensions = v3_req
[v3_server_sign]
basicConstraints = CA:false
nsComment = "RMT Generated Server Certificate"
nsCertType = server
keyUsage = digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = serverAuth, clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
subjectAltName = @alt_names
[v3_req]
basicConstraints = CA:false
keyUsage = digitalSignature, keyEncipherment, keyAgreement
subjectAltName = @alt_names
[req_distinguished_name]
CN = localhost
[alt_names]
DNS.0 = localhost
DNS.1 = rmt.{{ pillar['network']['domain'] }}
IP.0 = {{ pillar['network']['ip'] }}
{% for vlan in pillar['network']['vlan'] -%}
IP.{{ loop.index }} = {{ vlan['address'] }}
{% endfor -%}