diff --git a/api/filesystem/filesystem.go b/api/filesystem/filesystem.go index b76d337f3..1fb58aa8c 100644 --- a/api/filesystem/filesystem.go +++ b/api/filesystem/filesystem.go @@ -612,12 +612,12 @@ func (service *Service) StoreSSLCertPair(cert, key []byte) (string, string, erro func (service *Service) CopySSLCertPair(certPath, keyPath string) (string, string, error) { defCertPath, defKeyPath := service.GetDefaultSSLCertsPath() - err := service.Copy(certPath, defCertPath, false) + err := service.Copy(certPath, defCertPath, true) if err != nil { return "", "", err } - err = service.Copy(keyPath, defKeyPath, false) + err = service.Copy(keyPath, defKeyPath, true) if err != nil { return "", "", err } diff --git a/api/internal/ssl/ssl.go b/api/internal/ssl/ssl.go index 7062858f2..81fbc8c3d 100644 --- a/api/internal/ssl/ssl.go +++ b/api/internal/ssl/ssl.go @@ -31,6 +31,16 @@ func NewService(fileService portainer.FileService, dataStore portainer.DataStore // Init initializes the service func (service *Service) Init(host, certPath, keyPath string) error { + pathSupplied := certPath != "" && keyPath != "" + if pathSupplied { + newCertPath, newKeyPath, err := service.fileService.CopySSLCertPair(certPath, keyPath) + if err != nil { + return errors.Wrap(err, "failed copying supplied certs") + } + + return service.cacheInfo(newCertPath, newKeyPath, false) + } + settings, err := service.GetSSLSettings() if err != nil { return errors.Wrap(err, "failed fetching ssl settings") @@ -49,16 +59,6 @@ func (service *Service) Init(host, certPath, keyPath string) error { } } - pathSupplied := certPath != "" && keyPath != "" - if pathSupplied { - newCertPath, newKeyPath, err := service.fileService.CopySSLCertPair(certPath, keyPath) - if err != nil { - return errors.Wrap(err, "failed copying supplied certs") - } - - return service.cacheInfo(newCertPath, newKeyPath, false) - } - // path not supplied and certificates doesn't exist - generate self signed certPath, keyPath = service.fileService.GetDefaultSSLCertsPath()