Update conf DB with CA cert & rename ca_crt field (#5448)

This commit is contained in:
Sumukha Tumkur Vani 2020-09-25 09:20:09 -07:00 committed by GitHub
parent 0311a4a037
commit b5bcfef013
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions

View File

@ -18,10 +18,10 @@ do
if [[ -n "$certs" ]]; then if [[ -n "$certs" ]]; then
SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"` SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"` SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
CLIENT_CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['client_ca_crt']"` CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['ca_crt']"`
CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"` CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CLIENT_CA_CRT ]]; then if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CA_CRT ]]; then
RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CLIENT_CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME" RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
break break
fi fi
fi fi

View File

@ -1139,7 +1139,7 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw
'certs': { 'certs': {
'server_crt': '/etc/sonic/credentials/restapiserver.crt', 'server_crt': '/etc/sonic/credentials/restapiserver.crt',
'server_key': '/etc/sonic/credentials/restapiserver.key', 'server_key': '/etc/sonic/credentials/restapiserver.key',
'client_ca_crt': '/etc/sonic/credentials/restapiclient.crt', 'ca_crt': '/etc/sonic/credentials/restapica.crt',
'client_crt_cname': 'client.restapi.sonic' 'client_crt_cname': 'client.restapi.sonic'
} }
} }