From da422d6ed63f48a9b54ab6a87a6b2f0b0562e8d8 Mon Sep 17 00:00:00 2001 From: sunportainer <93502624+sunportainer@users.noreply.github.com> Date: Mon, 13 Dec 2021 23:43:55 +0800 Subject: [PATCH] fix(ssl)//handle --sslcert and --sslkey ee-2106 (#6203) * fix/ee-2106/handle-sslcert-sslkey Co-authored-by: sunportainer --- api/filesystem/filesystem.go | 4 ++-- api/internal/ssl/ssl.go | 20 ++++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/api/filesystem/filesystem.go b/api/filesystem/filesystem.go index b76d337f3..1fb58aa8c 100644 --- a/api/filesystem/filesystem.go +++ b/api/filesystem/filesystem.go @@ -612,12 +612,12 @@ func (service *Service) StoreSSLCertPair(cert, key []byte) (string, string, erro func (service *Service) CopySSLCertPair(certPath, keyPath string) (string, string, error) { defCertPath, defKeyPath := service.GetDefaultSSLCertsPath() - err := service.Copy(certPath, defCertPath, false) + err := service.Copy(certPath, defCertPath, true) if err != nil { return "", "", err } - err = service.Copy(keyPath, defKeyPath, false) + err = service.Copy(keyPath, defKeyPath, true) if err != nil { return "", "", err } diff --git a/api/internal/ssl/ssl.go b/api/internal/ssl/ssl.go index 7062858f2..81fbc8c3d 100644 --- a/api/internal/ssl/ssl.go +++ b/api/internal/ssl/ssl.go @@ -31,6 +31,16 @@ func NewService(fileService portainer.FileService, dataStore portainer.DataStore // Init initializes the service func (service *Service) Init(host, certPath, keyPath string) error { + pathSupplied := certPath != "" && keyPath != "" + if pathSupplied { + newCertPath, newKeyPath, err := service.fileService.CopySSLCertPair(certPath, keyPath) + if err != nil { + return errors.Wrap(err, "failed copying supplied certs") + } + + return service.cacheInfo(newCertPath, newKeyPath, false) + } + settings, err := service.GetSSLSettings() if err != nil { return errors.Wrap(err, "failed fetching ssl settings") @@ -49,16 +59,6 @@ func (service *Service) Init(host, certPath, keyPath string) error { } } - pathSupplied := certPath != "" && keyPath != "" - if pathSupplied { - newCertPath, newKeyPath, err := service.fileService.CopySSLCertPair(certPath, keyPath) - if err != nil { - return errors.Wrap(err, "failed copying supplied certs") - } - - return service.cacheInfo(newCertPath, newKeyPath, false) - } - // path not supplied and certificates doesn't exist - generate self signed certPath, keyPath = service.fileService.GetDefaultSSLCertsPath()