From 2325efd0b6f8b094f6a801bf55d6ff6f53e9cbfa Mon Sep 17 00:00:00 2001
From: ChrisC <christophe.closset@intl.att.com>
Date: Fri, 11 Sep 2020 18:39:23 +0200
Subject: [CLAMP] AAF certificate using certinializer

use of auto-generated certificates via AAF side-car
at OOM deployment time for CLAMP.

Issue-ID: CLAMP-884

Change-Id: I24f5a119714a5e46c4d0c152c03b6bc545135b8e
Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
---
 kubernetes/clamp/resources/config/default.conf | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'kubernetes/clamp/resources/config')

diff --git a/kubernetes/clamp/resources/config/default.conf b/kubernetes/clamp/resources/config/default.conf
index 84beff8d5a..3e6fde9d0d 100644
--- a/kubernetes/clamp/resources/config/default.conf
+++ b/kubernetes/clamp/resources/config/default.conf
@@ -2,8 +2,14 @@ server {
 
   listen 2443 default ssl;
   ssl_protocols TLSv1.2;
+  {{ if .Values.global.aafEnabled }}
+  ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}};
+  ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}};
+  {{ else }}
   ssl_certificate /etc/ssl/clamp.pem;
   ssl_certificate_key /etc/ssl/clamp.key;
+  {{ end }}
+
   ssl_verify_client optional_no_ca;
     location /restservices/clds/ {
         proxy_pass https://clamp-backend:443;
-- 
cgit 1.2.3-korg