Common Module - Telegraf Certificate Fun

salt/common/init.sls

@@ -146,6 +146,9 @@ so-telegraf:
       - /proc:/host/proc:ro
       - /nsm:/host/nsm:ro
       - /etc:/host/etc:ro
+      - /etc/pki/ca.crt:/etc/telegraf/ca.crt:ro
+      - /etc/pki/influxdb.crt:/etc/telegraf/telegraf.crt:ro
+      - /etc/pki/influxdb.key:/etc/telegraf/telegraf.key:ro
 
 # If its a master or eval lets install the back end for now
 {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' %}

salt/common/telegraf/etc/telegraf.conf

@@ -123,9 +123,9 @@
   # udp_payload = "512B"
 
   ## Optional TLS Config for use on HTTP connections.
-  # tls_ca = "/etc/telegraf/ca.pem"
-  # tls_cert = "/etc/telegraf/cert.pem"
-  # tls_key = "/etc/telegraf/key.pem"
+   tls_ca = "/etc/telegraf/ca.crt"
+   tls_cert = "/etc/telegraf/telegraf.crt"
+   tls_key = "/etc/telegraf/telegraf.key"
   ## Use TLS but skip chain & host verification
   # insecure_skip_verify = false