From 6b79be5b9a811eb0e51707a894260aaad1ee5b0e Mon Sep 17 00:00:00 2001
From: Mike Reeves <luke@geekempire.com>
Date: Mon, 19 Nov 2018 15:47:24 -0500
Subject: [PATCH] Common Module - Telegraf Certificate Fun

---
 salt/common/init.sls                   | 3 +++
 salt/common/telegraf/etc/telegraf.conf | 6 +++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/salt/common/init.sls b/salt/common/init.sls
index 9f3ee98cb..baf60a939 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -146,6 +146,9 @@ so-telegraf:
       - /proc:/host/proc:ro
       - /nsm:/host/nsm:ro
       - /etc:/host/etc:ro
+      - /etc/pki/ca.crt:/etc/telegraf/ca.crt:ro
+      - /etc/pki/influxdb.crt:/etc/telegraf/telegraf.crt:ro
+      - /etc/pki/influxdb.key:/etc/telegraf/telegraf.key:ro
 
 # If its a master or eval lets install the back end for now
 {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' %}
diff --git a/salt/common/telegraf/etc/telegraf.conf b/salt/common/telegraf/etc/telegraf.conf
index 323efd0c2..e3fb6eb6c 100644
--- a/salt/common/telegraf/etc/telegraf.conf
+++ b/salt/common/telegraf/etc/telegraf.conf
@@ -123,9 +123,9 @@
   # udp_payload = "512B"
 
   ## Optional TLS Config for use on HTTP connections.
-  # tls_ca = "/etc/telegraf/ca.pem"
-  # tls_cert = "/etc/telegraf/cert.pem"
-  # tls_key = "/etc/telegraf/key.pem"
+   tls_ca = "/etc/telegraf/ca.crt"
+   tls_cert = "/etc/telegraf/telegraf.crt"
+   tls_key = "/etc/telegraf/telegraf.key"
   ## Use TLS but skip chain & host verification
   # insecure_skip_verify = false