From 953442f0cbebd227fdc031b5ad1f2357ae9926ac Mon Sep 17 00:00:00 2001
From: David Ames <david.ames@canonical.com>
Date: Thu, 1 Aug 2019 17:24:09 -0700
Subject: [PATCH] Do not concatenate chained certs w/out line breaks

The charm was adding the CA and chain certificate without a line break
leading to an invalid certificate pem file on the client side.

Add a line break when concatenating the ca cert and the chain.

Closes-Bug: #1838709
Change-Id: I646c8419838011160a74c4c4c488c04268825efd
---
 hooks/ssl_utils.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hooks/ssl_utils.py b/hooks/ssl_utils.py
index 75ea5b92..4feab1a2 100644
--- a/hooks/ssl_utils.py
+++ b/hooks/ssl_utils.py
@@ -13,6 +13,7 @@
 # limitations under the License.
 
 import base64
+import os
 
 from charmhelpers.contrib.ssl.service import ServiceCA
 
@@ -95,7 +96,7 @@ def configure_client_ssl(relation_data):
         relation_certs = get_relation_cert_data()
         ca_data = relation_certs['ca']
         if relation_certs.get('chain'):
-            ca_data = ca_data + relation_certs.get('chain')
+            ca_data = ca_data + os.linesep + relation_certs.get('chain')
         relation_data['ssl_ca'] = b64encoded_string(ca_data)
     else:
         if external_ca: