Update conf DB with CA cert & rename ca_crt field (#5448)
This commit is contained in:
parent
0311a4a037
commit
b5bcfef013
@ -18,10 +18,10 @@ do
|
|||||||
if [[ -n "$certs" ]]; then
|
if [[ -n "$certs" ]]; then
|
||||||
SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
|
SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
|
||||||
SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
|
SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
|
||||||
CLIENT_CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['client_ca_crt']"`
|
CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['ca_crt']"`
|
||||||
CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
|
CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
|
||||||
if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CLIENT_CA_CRT ]]; then
|
if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CA_CRT ]]; then
|
||||||
RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CLIENT_CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
|
RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
|
||||||
break
|
break
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -1139,7 +1139,7 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw
|
|||||||
'certs': {
|
'certs': {
|
||||||
'server_crt': '/etc/sonic/credentials/restapiserver.crt',
|
'server_crt': '/etc/sonic/credentials/restapiserver.crt',
|
||||||
'server_key': '/etc/sonic/credentials/restapiserver.key',
|
'server_key': '/etc/sonic/credentials/restapiserver.key',
|
||||||
'client_ca_crt': '/etc/sonic/credentials/restapiclient.crt',
|
'ca_crt': '/etc/sonic/credentials/restapica.crt',
|
||||||
'client_crt_cname': 'client.restapi.sonic'
|
'client_crt_cname': 'client.restapi.sonic'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user