From 41e6992ea703ccfdb37ff9f9c63e0e0ff2162c73 Mon Sep 17 00:00:00 2001 From: Kapil Thangavelu Date: Tue, 4 Mar 2014 08:56:18 -0500 Subject: [PATCH] keystone ssl ca sync whenver we sync passwords --- hooks/keystone_ssl.py | 2 ++ hooks/keystone_utils.py | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/hooks/keystone_ssl.py b/hooks/keystone_ssl.py index 45e0029d..1cbdfad7 100755 --- a/hooks/keystone_ssl.py +++ b/hooks/keystone_ssl.py @@ -1,10 +1,12 @@ #!/usr/bin/python +import base64 import os import shutil import subprocess import tarfile import tempfile +import zipfile CA_EXPIRY = '365' ORG_NAME = 'Ubuntu' diff --git a/hooks/keystone_utils.py b/hooks/keystone_utils.py index 79eaa6c3..19cdb4a9 100755 --- a/hooks/keystone_utils.py +++ b/hooks/keystone_utils.py @@ -552,6 +552,9 @@ def synchronize_service_credentials(): unison.sync_to_peers(peer_interface='cluster', paths=[SERVICE_PASSWD_PATH], user=SSH_USER, verbose=True) + if config('http-service-endpoints') in ['True', 'true']: + unison.sync_to_peers(peer_interface='cluster', + paths=[SSL_DIR], user=SSH_USER, verbose=True) CA = [] @@ -746,9 +749,6 @@ def add_service_to_keystone(relation_id=None, remote_unit=None): relation_data['ssl_key'] = b64encode(key) relation_data['ca_cert'] = b64encode(ca_bundle) relation_data['https_keystone'] = 'True' - if is_clustered(): - unison.sync_to_peers(peer_interface='cluster', - paths=[SSL_DIR], user=SSH_USER, verbose=True) relation_set(relation_id=relation_id, **relation_data)