starlingx
/
config
Code Issues Proposed changes

Update admin endpoint intermediate CA only when changed 

The API should verify if the intermediate CA certificate is changed before
updating.

Closes-bug: 1902552

Change-Id: Ic2d8c6068a6b5fba7dcdd8ec989eb40c1036aaec
Signed-off-by: Bin Qian <bin.qian@windriver.com>
This commit is contained in:
Bin Qian 2020-11-02 11:57:24 -05:00
parent 77de7dc969
commit cb6379d4a6
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sysinv/sysinv/sysinv/sysinv/conductor/manager.py
View File

@ -11017,8 +11017,10 @@ class ConductorManager(service.PeriodicService):
tls_key = base64.b64encode(sc_ca_key)
tls_crt = base64.b64encode(sc_ca_cert)
ca_crt = base64.b64encode(root_ca_crt)
secret.data['ca.crt'] = ca_crt
if tls_key == secret.data['tls.key'] and tls_crt == secret.data['tls.crt']:
LOG.info('Intermediate CA cert is not changed')
return
secret.data['tls.key'] = tls_key
secret.data['tls.crt'] = tls_crt