Adding ability to specify altnames for vault cert (#1640)

2026-03-09 03:37:36 +03:00 · 2017-09-14 01:19:44 -05:00
parent 016301508e
commit 4b587aaf99
2 changed files with 6 additions and 1 deletions
--- a/roles/vault/tasks/bootstrap/gen_vault_certs.yml
+++ b/roles/vault/tasks/bootstrap/gen_vault_certs.yml
@@ -2,7 +2,7 @@
 - include: ../shared/issue_cert.yml
  vars:
    issue_cert_common_name: "{{ vault_pki_mounts.vault.roles[0].name }}"
-    issue_cert_alt_names: "{{ groups.vault + ['localhost'] }}"
+    issue_cert_alt_names: "{{ groups.vault + ['localhost'] + vault_ca_options.vault.altnames|default() }}"
    issue_cert_hosts: "{{ groups.vault }}"
    issue_cert_ip_sans: >-
        [