Merge "NSXV: handle certificate bundles" into stable/train

This commit is contained in:
Zuul 2021-06-07 10:52:15 +00:00 committed by Gerrit Code Review
commit 2888265bb5
1 changed files with 12 additions and 1 deletions

View File

@ -145,7 +145,18 @@ class EdgeListenerManagerFromDict(base_mgr.EdgeLoadbalancerBaseManager):
cert_obj = self.vcns.upload_edge_certificate(edge_id, request)[1]
cert_list = cert_obj.get('certificates', {})
if cert_list:
edge_cert_id = cert_list[0]['objectId']
if len(cert_list) > 1:
LOG.warning(
'Certificate object contains multiple certificates. '
'Using first signed certificate of the bundle')
edge_cert_id = None
for cert in cert_list:
if cert['certificateType'] == 'certificate_signed':
edge_cert_id = cert['objectId']
break
if not edge_cert_id:
error = _("No signed certificate found in certificate bundle")
raise nsxv_exc.NsxPluginException(err_msg=error)
else:
error = _("Failed to upload a certificate to edge %s") % edge_id
raise nsxv_exc.NsxPluginException(err_msg=error)