diff --git a/manifests/ca.pp b/manifests/ca.pp index 29a46d2f..c0724112 100644 --- a/manifests/ca.pp +++ b/manifests/ca.pp @@ -21,6 +21,7 @@ String $ca_key_password = $certs::ca_key_password, Stdlib::Absolutepath $ca_key_password_file = $certs::ca_key_password_file, ) { + $default_ca_path = "${certs::ssl_build_dir}/${default_ca_name}.crt" $server_ca_path = "${certs::ssl_build_dir}/${server_ca_name}.crt" file { $ca_key_password_file: @@ -46,22 +47,12 @@ } if $generate { - if $certs::server_ca_cert { - file { $server_ca_path: - ensure => file, - source => $certs::server_ca_cert, - owner => 'root', - group => 'root', - mode => '0644', - } - } else { - file { $server_ca_path: - ensure => file, - source => "${certs::ssl_build_dir}/${default_ca_name}.crt", - owner => 'root', - group => 'root', - mode => '0644', - } + file { $server_ca_path: + ensure => file, + source => pick($certs::server_ca_cert, $default_ca_path), + owner => 'root', + group => 'root', + mode => '0644', } file { "${certs::ssl_build_dir}/KATELLO-TRUSTED-SSL-CERT": @@ -74,7 +65,7 @@ if $deploy { file { $certs::katello_default_ca_cert: ensure => file, - source => "${certs::ssl_build_dir}/${default_ca_name}.crt", + source => $default_ca_path, owner => 'root', group => 'root', mode => '0644',