add policy open_usage This policy will be used for certificate with various keyUsage parameters. Etcd for example. Change-Id: I2a6387f8b7ee58fb6f256881e3e09142f13119a9

commit: a480e1663c55dabeee3bc357e05807ba7310937f [log] [tgz]
author: Tomáš Kukrál <tkukral@mirantis.com> Tue Feb 28 11:27:26 2017 +0100
committer: Tomáš Kukrál <tkukral@mirantis.com> Tue Feb 28 14:54:50 2017 +0100
tree: 82ebb594157504a4bc320441e5ffe9a9449a3360
parent: bb122162f2c022fb85f5d8ec9c16b29b3a16f8a0 [diff]
diff --git a/salt/files/_pki.conf b/salt/files/_pki.conf
index 489263b..f3e9cb9 100644
--- a/salt/files/_pki.conf
+++ b/salt/files/_pki.conf

@@ -36,6 +36,8 @@
     {%- elif signing_policy.type == 'v3_edge_ca' %}
     - basicConstraints: "CA:TRUE,pathlen:0"
     - keyUsage: "critical cRLSign,keyCertSign"
+    {%- elif signing_policy.type == 'v3_edge_cert_open' %}
+    - basicConstraints: "CA:FALSE"
     {%- endif %}
     - subjectKeyIdentifier: hash
     - authorityKeyIdentifier: keyid,issuer:always
commit	a480e1663c55dabeee3bc357e05807ba7310937f	[log] [tgz]
author	Tomáš Kukrál <tkukral@mirantis.com>	Tue Feb 28 11:27:26 2017 +0100
committer	Tomáš Kukrál <tkukral@mirantis.com>	Tue Feb 28 14:54:50 2017 +0100
tree	82ebb594157504a4bc320441e5ffe9a9449a3360
parent	bb122162f2c022fb85f5d8ec9c16b29b3a16f8a0 [diff]