From b44fb5ce43e1de17f24859a88924965eca2f934c Mon Sep 17 00:00:00 2001
From: Patrik Lundin <patlu@sunet.se>
Date: Thu, 10 Oct 2024 10:17:39 +0200
Subject: [PATCH] Update key paths to reflect internal CA

---
 .../puppet/modules/cdn/templates/mqtt/cdn.conf.erb   | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb b/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
index 2a47568..3855958 100644
--- a/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
+++ b/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
@@ -1,7 +1,7 @@
 listener 8883
-cafile /etc/mosquitto/ca_certificates/ca.crt
-certfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.crt
-keyfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.key
+cafile /etc/mosquitto/ca_certificates/chain.pem
+certfile /etc/mosquitto/certs/cert.pem
+keyfile /etc/mosquitto/certs/privkey.pem
 require_certificate true
 use_identity_as_username true
 acl_file /etc/mosquitto/aclfile
@@ -12,8 +12,8 @@ log_type all
 connection <%= @dc %>-to-<%= remote_dc %>
 address <%= bridge_config['address'] %>:address <%= bridge_config['port'] %>:
 topic cdn/<%= @dc %>/purge out 1
-bridge_cafile /etc/mosquitto/ca_certificates/ca.crt
-bridge_certfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.crt
-bridge_keyfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.key
+bridge_cafile /usr/local/share/ca-certificates/step_ca_root.crt
+bridge_certfile /etc/mosquitto/certs/cert.pem
+bridge_keyfile /etc/mosquitto/certs/privkey.pem
 
 <% end -%>