New local certificate generator uses local time

The new local certificate generator code uses local time
for validity periods causing failures on hosts that do not
use UTC time.
This patch changes this to always use UTC time for certificate
generation.

Change-Id: Ice15ab53f322ac148c85e1f6e781f63f661d6179
Closes-Bug: #1514601
This commit is contained in:
Michael Johnson 2015-11-09 21:54:56 +00:00
parent a4df43f165
commit f9cfd2cb0f
2 changed files with 7 additions and 6 deletions
octavia
certificates/generator
tests/unit/certificates/generator

@ -123,9 +123,9 @@ class LocalCertGenerator(cert_gen.CertGenerator):
backend=backends.default_backend())
new_cert = x509.CertificateBuilder()
new_cert = new_cert.serial_number(cls._new_serial())
valid_from_datetime = datetime.datetime.today()
valid_to_datetime = datetime.datetime.now() + datetime.timedelta(
seconds=validity)
valid_from_datetime = datetime.datetime.utcnow()
valid_to_datetime = (datetime.datetime.utcnow() +
datetime.timedelta(seconds=validity))
new_cert = new_cert.not_valid_before(valid_from_datetime)
new_cert = new_cert.not_valid_after(valid_to_datetime)
new_cert = new_cert.issuer_name(lo_cert.subject)

@ -57,9 +57,10 @@ class TestLocalGenerator(base.TestCase):
)
ca_cert = x509.CertificateBuilder()
valid_from_datetime = datetime.datetime.today()
valid_until_datetime = datetime.datetime.now() + datetime.timedelta(
seconds=2 * 365 * 24 * 60 * 60)
valid_from_datetime = datetime.datetime.utcnow()
valid_until_datetime = (datetime.datetime.utcnow() +
datetime.timedelta(
seconds=2 * 365 * 24 * 60 * 60))
ca_cert = ca_cert.not_valid_before(valid_from_datetime)
ca_cert = ca_cert.not_valid_after(valid_until_datetime)
ca_cert = ca_cert.serial_number(1)