Adding ability to specify altnames for vault cert (#1640)

2026-03-06 10:08:37 +03:00 · 2017-09-14 01:19:44 -05:00
parent 016301508e
commit 4b587aaf99
2 changed files with 6 additions and 1 deletions
--- a/roles/vault/defaults/main.yml
+++ b/roles/vault/defaults/main.yml
@@ -83,6 +83,11 @@ vault_ca_options:
    format: pem
    ttl: "{{ vault_max_lease_ttl }}"
    exclude_cn_from_sans: true
+    altnames:
+      - "vault.{{ system_namespace }}.svc.{{ dns_domain }}"
+      - "vault.{{ system_namespace }}.svc"
+      - "vault.{{ system_namespace }}"
+      - "vault"
  etcd:
    common_name: etcd
    format: pem