[Admin Shell][NSX-V] Set vCenter ca cert only if pem file exists

Avoid trying to validate server certificate again a non-existing
pem file. That would be unlikely to work.

Change-Id: Idde4ff67bf52a8c331ab89e0c61f9982c8aab7de
This commit is contained in:
Salvatore Orlando 2021-04-14 12:54:48 -07:00
parent d7499f8fb6
commit 9a77e72061
1 changed files with 6 additions and 3 deletions

View File

@ -12,6 +12,8 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import os
import netaddr import netaddr
from oslo_config import cfg from oslo_config import cfg
from oslo_log import log as logging from oslo_log import log as logging
@ -537,9 +539,10 @@ def validate_config_for_migration(resource, event, trigger, **kwargs):
# to vcenter will fail # to vcenter will fail
if not cfg.CONF.dvs.ca_file: if not cfg.CONF.dvs.ca_file:
ca_file_default = "/etc/ssl/certs/vcenter.pem" ca_file_default = "/etc/ssl/certs/vcenter.pem"
LOG.info("ca_file for vCenter unset, defaulting to: %s", if os.path.isfile(ca_file_default):
ca_file_default) LOG.info("ca_file for vCenter unset, defaulting to: %s",
cfg.CONF.set_override('ca_file', ca_file_default, 'dvs') ca_file_default)
cfg.CONF.set_override('ca_file', ca_file_default, 'dvs')
LOG.info("Running migration config validation in %sstrict mode", LOG.info("Running migration config validation in %sstrict mode",
'' if strict else 'non-') '' if strict else 'non-')