diff --git a/magnum/common/x509/operations.py b/magnum/common/x509/operations.py index 1b63b268d0..5d3c5a850a 100644 --- a/magnum/common/x509/operations.py +++ b/magnum/common/x509/operations.py @@ -226,7 +226,7 @@ def sign(csr, issuer_name, ca_key, ca_key_password=None, certificate = builder.sign( private_key=ca_key, algorithm=hashes.SHA256(), backend=default_backend() - ).public_bytes(serialization.Encoding.PEM).strip() + ).public_bytes(serialization.Encoding.PEM) return certificate diff --git a/magnum/tests/unit/common/x509/test_sign.py b/magnum/tests/unit/common/x509/test_sign.py index 501ed800a3..19dcdbfaaa 100644 --- a/magnum/tests/unit/common/x509/test_sign.py +++ b/magnum/tests/unit/common/x509/test_sign.py @@ -223,22 +223,6 @@ class TestX509(base.BaseTestCase): skip_validation=True) mock_six.assert_called_once_with(csr) - @mock.patch('cryptography.x509.load_pem_x509_csr') - def test_sign_empty_chars(self, mock_load_pem): - ca_key = self._generate_private_key() - private_key = self._generate_private_key() - csr_obj = self._build_csr(private_key) - csr = csr_obj.public_bytes(serialization.Encoding.PEM) - csr = six.text_type(csr.decode('utf-8')) - - mock_load_pem.return_value = csr_obj - certificate = operations.sign(csr, self.issuer_name, - ca_key, skip_validation=True) - - # Certificate has to be striped for some parsers - self.assertEqual(certificate, - certificate.strip()) - def test_sign_with_invalid_csr(self): ca_key = self._generate_private_key() csr = 'test' diff --git a/releasenotes/notes/strip-ca-certificate-555b23f5bcb8185b.yaml b/releasenotes/notes/strip-ca-certificate-555b23f5bcb8185b.yaml deleted file mode 100644 index efc3b7c456..0000000000 --- a/releasenotes/notes/strip-ca-certificate-555b23f5bcb8185b.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -fixes: - - | - Strip signed certificate. Certificate (ca.crt) has to be striped - for some application parsers as they might require pure base64 - representation of the certificate itself, without empty characters - at the beginning nor the end of file.