The SSH CA should sign the host FQDN
Right now we're using inventory_hostname as the principal for SSH host certificates - that's not too useful for clients, it would be better to use the FQDN.
Right now we're using inventory_hostname as the principal for SSH host certificates - that's not too useful for clients, it would be better to use the FQDN.