| host: ${_param:salt_minion_ca_host} |
| authority: ${_param:salt_minion_ca_authority} |
| common_name: ${linux:system:name} |
| signing_policy: cert_open |
| alternative_names: IP:127.0.0.1,IP:${_param:cluster_vip_address},IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn} |
| extended_key_usage: serverAuth,clientAuth |
| key_usage: "digitalSignature,nonRepudiation,keyEncipherment" |
| key_file: /var/lib/etcd/etcd-server.key |
| cert_file: /var/lib/etcd/etcd-server.crt |
| all_file: /var/lib/etcd/etcd-server.pem |
| ca_file: /var/lib/etcd/ca.pem |