Merge "Revert "Strip signed certificate""

magnum/common/x509/operations.py

@@ -226,7 +226,7 @@ def sign(csr, issuer_name, ca_key, ca_key_password=None,
     certificate = builder.sign(
         private_key=ca_key, algorithm=hashes.SHA256(),
         backend=default_backend()
-    ).public_bytes(serialization.Encoding.PEM).strip()
+    ).public_bytes(serialization.Encoding.PEM)
 
     return certificate
 

magnum/tests/unit/common/x509/test_sign.py

@@ -223,22 +223,6 @@ class TestX509(base.BaseTestCase):
                         skip_validation=True)
         mock_six.assert_called_once_with(csr)
 
-    @mock.patch('cryptography.x509.load_pem_x509_csr')
-    def test_sign_empty_chars(self, mock_load_pem):
-        ca_key = self._generate_private_key()
-        private_key = self._generate_private_key()
-        csr_obj = self._build_csr(private_key)
-        csr = csr_obj.public_bytes(serialization.Encoding.PEM)
-        csr = six.text_type(csr.decode('utf-8'))
-
-        mock_load_pem.return_value = csr_obj
-        certificate = operations.sign(csr, self.issuer_name,
-                                      ca_key, skip_validation=True)
-
-        # Certificate has to be striped for some parsers
-        self.assertEqual(certificate,
-                         certificate.strip())
-
     def test_sign_with_invalid_csr(self):
         ca_key = self._generate_private_key()
         csr = 'test'

releasenotes/notes/strip-ca-certificate-555b23f5bcb8185b.yaml

@@ -1,7 +0,0 @@
----
-fixes:
-  - |
-    Strip signed certificate. Certificate (ca.crt) has to be striped
-    for some application parsers as they might require pure base64
-    representation of the certificate itself, without empty characters
-    at the beginning nor the end of file.