commit d2204c7715e8a9855a25ba15fbdd7db29eb5ed26
Author: Jonathan Rosser <jonathan.rosser@rd.bbc.co.uk>
Date:   Thu Sep 24 14:33:46 2020 +0100

    Ensure SSL certificate and key directories and symlinks are present
    
    These tasks have been factored out of the horizon and keystone roles
    so that they are only defined in a single place.
    
    Change-Id: I074c005074e4e4071e4a57b3ddf7f4d508a56749

diff --git a/tasks/openstack_hosts_configure_dnf.yml b/tasks/openstack_hosts_configure_dnf.yml
index fa44a69..fe004a4 100644
--- a/tasks/openstack_hosts_configure_dnf.yml
+++ b/tasks/openstack_hosts_configure_dnf.yml
@@ -116,3 +116,23 @@
   when:
     - ('module_hotfixes' in item)
   with_items: "{{ openstack_hosts_package_repos }}"
+
+- name: Create SSL certificate and key directories
+  file:
+    path: "{{ item.path }}"
+    state: directory
+    owner: "{{ item.owner|default(root) }}"
+    group: "{{ item.group|default(root) }}"
+    mode: "{{ item.mode|default('0755') }}"
+  with_items:
+    - { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
+    - { path: "/etc/pki/tls/private", owner: "root", group: "root" }
+
+- name: Create SSL certificate and key directory symlinks
+  file:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    state: "link"
+  with_items:
+    - { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" }
+    - { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" }