From e624ca96875edab72e5a9e3b5f615698501bcf98 Mon Sep 17 00:00:00 2001 From: Salvatore Orlando Date: Wed, 14 Apr 2021 12:54:48 -0700 Subject: [PATCH] [Admin Shell][NSX-V] Set vCenter ca cert only if pem file exists Avoid trying to validate server certificate again a non-existing pem file. That would be unlikely to work. Change-Id: Idde4ff67bf52a8c331ab89e0c61f9982c8aab7de --- .../shell/admin/plugins/nsxv/resources/migration.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py index 8412695dfe..39e0a13a02 100644 --- a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py +++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py @@ -12,6 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. +import os import sys import netaddr @@ -539,9 +540,10 @@ def validate_config_for_migration(resource, event, trigger, **kwargs): # to vcenter will fail if not cfg.CONF.dvs.ca_file: ca_file_default = "/etc/ssl/certs/vcenter.pem" - LOG.info("ca_file for vCenter unset, defaulting to: %s", - ca_file_default) - cfg.CONF.set_override('ca_file', ca_file_default, 'dvs') + if os.path.isfile(ca_file_default): + LOG.info("ca_file for vCenter unset, defaulting to: %s", + ca_file_default) + cfg.CONF.set_override('ca_file', ca_file_default, 'dvs') LOG.info("Running migration config validation in %sstrict mode", '' if strict else 'non-')