From 34d54c4be771c390143534650ec0ba9902fe4d46 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 2 Aug 2018 20:44:40 +0000
Subject: [PATCH] Fix paths to certs

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/rabbitmq_cluster/templates/rabbitmq-env.conf | 4 ++--
 roles/rabbitmq_cluster/templates/rabbitmq.config   | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/roles/rabbitmq_cluster/templates/rabbitmq-env.conf b/roles/rabbitmq_cluster/templates/rabbitmq-env.conf
index d72bbcf253..64da1bc7f0 100644
--- a/roles/rabbitmq_cluster/templates/rabbitmq-env.conf
+++ b/roles/rabbitmq_cluster/templates/rabbitmq-env.conf
@@ -2,10 +2,10 @@ ERL_SSL_PATH="/usr/lib64/erlang/lib/ssl-7.3.3.2/ebin"
 
 SERVER_ADDITIONAL_ERL_ARGS="-pa $ERL_SSL_PATH \
 -proto_dist inet_tls \
--ssl_dist_opt server_certfile /etc/rabbitmq/node.combined.pem \
+-ssl_dist_opt server_certfile /etc/rabbitmq/nodecert.combined.pem \
 -ssl_dist_opt server_secure_renegotiate true client_secure_renegotiate true"
 
 CTL_ERL_ARGS="-pa $ERL_SSL_PATH \
 -proto_dist inet_tls \
--ssl_dist_opt server_certfile /etc/rabbitmq/node.combined.pem \
+-ssl_dist_opt server_certfile /etc/rabbitmq/nodecert.combined.pem \
 -ssl_dist_opt server_secure_renegotiate true client_secure_renegotiate true"
diff --git a/roles/rabbitmq_cluster/templates/rabbitmq.config b/roles/rabbitmq_cluster/templates/rabbitmq.config
index 7e11da9e25..35fe546843 100644
--- a/roles/rabbitmq_cluster/templates/rabbitmq.config
+++ b/roles/rabbitmq_cluster/templates/rabbitmq.config
@@ -6,8 +6,8 @@
    %% Here goes TLS
    {ssl_listeners, [5671]},
    {ssl_options, [{cacertfile,  "/etc/rabbitmq/ca.crt"},
-                  {certfile,    "/etc/rabbitmq/node.crt"},
-                  {keyfile,     "/etc/rabbitmq/node.key"},
+                  {certfile,    "/etc/rabbitmq/nodecert/node.crt"},
+                  {keyfile,     "/etc/rabbitmq/nodecert/node.key"},
                   {verify,      verify_peer},
                   {fail_if_no_peer_cert, true}]},
    {auth_mechanisms, ['EXTERNAL']},
@@ -32,8 +32,8 @@
    {listener, [{port, 15672},
                {ssl, true},
                {ssl_opts, [{cacertfile, "/etc/rabbitmq/ca.crt"},
-                           {certfile,   "/etc/rabbitmq/node.crt"},
-                           {keyfile,    "/etc/rabbitmq/node.key"}]}]},
+                           {certfile,   "/etc/rabbitmq/nodecert/node.crt"},
+                           {keyfile,    "/etc/rabbitmq/nodecert/node.key"}]}]},
   ]},
 
  {rabbitmq_management_agent,