diff --git a/manifests/candlepin.pp b/manifests/candlepin.pp index 0cf618f4..108c2956 100644 --- a/manifests/candlepin.pp +++ b/manifests/candlepin.pp @@ -15,6 +15,8 @@ # Whether to connect using SSL # @param db_ssl_verify # Whether to verify the certificate of the database host +# @param db_ssl_ca +# The CA certificate to verify the SSL connection to the database with # @param manage_db # Whether to manage the database. Set this to false when using a remote database class katello::candlepin ( @@ -25,6 +27,7 @@ Optional[String] $db_password = undef, Boolean $db_ssl = false, Boolean $db_ssl_verify = true, + Optional[Stdlib::Absolutepath] $db_ssl_ca = undef, Boolean $manage_db = true, ) { include certs @@ -60,6 +63,7 @@ db_password => $db_password, db_ssl => $db_ssl, db_ssl_verify => $db_ssl_verify, + db_ssl_ca => $db_ssl_ca, manage_db => $manage_db, subscribe => Class['certs', 'certs::candlepin'], } -> diff --git a/manifests/init.pp b/manifests/init.pp index 041193e1..e4d7fb80 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -31,6 +31,8 @@ # # $candlepin_db_ssl_verify:: Boolean indicating if the SSL connection to the database should be verified # +# $candlepin_db_ssl_ca:: The CA certificate to verify the SSL connection to the database with +# # $candlepin_manage_db:: Boolean indicating whether a database should be installed, this includes db creation and user # # $rest_client_timeout:: Timeout for Katello rest API @@ -53,6 +55,7 @@ Optional[String] $candlepin_db_password = undef, Boolean $candlepin_db_ssl = false, Boolean $candlepin_db_ssl_verify = true, + Optional[Stdlib::Absolutepath] $candlepin_db_ssl_ca = undef, Boolean $candlepin_manage_db = true, Integer[0] $hosts_queue_workers = 1, @@ -76,6 +79,7 @@ db_password => $candlepin_db_password, db_ssl => $candlepin_db_ssl, db_ssl_verify => $candlepin_db_ssl_verify, + db_ssl_ca => $candlepin_db_ssl_ca, manage_db => $candlepin_manage_db, }