the great ssl refactor

setup/so-functions

@@ -1122,16 +1122,6 @@ generate_ca() {
 	logCmd "openssl x509 -in /etc/pki/ca.crt -noout -subject -issuer -dates"
 }
 
-generate_ssl() {
-	# if the install type is a manager then we need to wait for the minion to be ready before trying
-	# to run the ssl state since we need the minion to sign the certs
-	if [[ $waitforstate ]]; then
-		(wait_for_salt_minion "$MINION_ID" "5" '/dev/stdout' || fail_setup) 2>&1 | tee -a "$setup_log"
-	fi
-	info "Applying SSL state"
-	logCmd "salt-call state.apply ssl -l info"
-}
-
 generate_passwords(){
   title "Generate Random Passwords"
   INFLUXPASS=$(get_random_value)
@@ -1661,7 +1651,6 @@ reinstall_init() {
 		fi
 
 		logCmd "salt-call state.apply ca.remove -linfo --local --file-root=../salt"
-		logCmd "salt-call state.apply ssl.remove -linfo --local --file-root=../salt"
 
 		# Kill any salt processes (safely)
 		for service in "${salt_services[@]}"; do

setup/so-setup

@@ -773,12 +773,9 @@ if ! [[ -f $install_opt_file ]]; then
 		# wait here until we get a response from the salt-master since it may have just restarted
 		# exit setup after 5-6 minutes of trying
 		check_salt_master_status || fail  "Can't access salt master or it is not ready"
-		# apply the ca state to create the ca and put it in the mine early in the install
+		# apply the ca state to create the ca and symlink to local/salt/ca/files/ca.crt
 		# the minion ip will already be in the mine from configure_minion function in so-functions
 		generate_ca
-		# this will also call the ssl state since docker requires the intca
-		# the salt-minion service will need to be up on the manager to sign requests
-		generate_ssl
 		logCmd "salt-call state.apply docker"
 		firewall_generate_templates
 		set_initial_firewall_policy