Update conf DB with CA cert & rename ca_crt field (#5448)

2020-09-25 09:20:09 -07:00 · 2020-09-25 09:20:09 -07:00 · b5bcfef013
commit b5bcfef013
parent 0311a4a037
2 changed files with 4 additions and 4 deletions
--- a/dockers/docker-sonic-restapi/restapi.sh
+++ b/dockers/docker-sonic-restapi/restapi.sh
@ -18,10 +18,10 @@ do
        if [[ -n "$certs" ]]; then
                SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
                SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
-                CLIENT_CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['client_ca_crt']"`
+                CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['ca_crt']"`
                CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
-                if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CLIENT_CA_CRT ]]; then
-                    RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CLIENT_CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
+                if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CA_CRT ]]; then
+                    RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
                    break
                fi
        fi
--- a/src/sonic-config-engine/minigraph.py
+++ b/src/sonic-config-engine/minigraph.py
@ -1139,7 +1139,7 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw
        'certs': {
            'server_crt': '/etc/sonic/credentials/restapiserver.crt',
            'server_key': '/etc/sonic/credentials/restapiserver.key',
-            'client_ca_crt': '/etc/sonic/credentials/restapiclient.crt',
+            'ca_crt': '/etc/sonic/credentials/restapica.crt',
            'client_crt_cname': 'client.restapi.sonic'
        }
    }