From 3b74d987c1a1486dc5e720b93814d592ebc35c62 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Thu, 11 Mar 2021 10:49:15 -0500
Subject: [PATCH] fix retry in ca state. add subjectAltName to influxdb.crt

---
 salt/ca/init.sls  | 5 +++--
 salt/ssl/init.sls | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/salt/ca/init.sls b/salt/ca/init.sls
index 0d35c10c1..485b01d3e 100644
--- a/salt/ca/init.sls
+++ b/salt/ca/init.sls
@@ -43,8 +43,9 @@ pki_private_key:
     - require:
       - file: /etc/pki
     - timeout: 30
-    - retry: 5
-    - interval: 30
+    - retry:
+        attempts: 5
+        interval: 30
 
 x509_pem_entries:
   module.run:
diff --git a/salt/ssl/init.sls b/salt/ssl/init.sls
index 4646b1d07..85854bab4 100644
--- a/salt/ssl/init.sls
+++ b/salt/ssl/init.sls
@@ -79,6 +79,7 @@ removeesp12dir:
     - signing_policy: influxdb
     - public_key: /etc/pki/influxdb.key
     - CN: {{ manager }}
+    - subjectAltName: DNS:{{ HOSTNAME }}
     - days_remaining: 0
     - days_valid: 820
     - backup: True