fix(ssl)//handle --sslcert and --sslkey ee-2106 (#6203)

* fix/ee-2106/handle-sslcert-sslkey

Co-authored-by: sunportainer <ericsun@SG1.local>
pull/6275/head
sunportainer 3 years ago committed by GitHub
parent eb517c2e12
commit da422d6ed6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -612,12 +612,12 @@ func (service *Service) StoreSSLCertPair(cert, key []byte) (string, string, erro
func (service *Service) CopySSLCertPair(certPath, keyPath string) (string, string, error) { func (service *Service) CopySSLCertPair(certPath, keyPath string) (string, string, error) {
defCertPath, defKeyPath := service.GetDefaultSSLCertsPath() defCertPath, defKeyPath := service.GetDefaultSSLCertsPath()
err := service.Copy(certPath, defCertPath, false) err := service.Copy(certPath, defCertPath, true)
if err != nil { if err != nil {
return "", "", err return "", "", err
} }
err = service.Copy(keyPath, defKeyPath, false) err = service.Copy(keyPath, defKeyPath, true)
if err != nil { if err != nil {
return "", "", err return "", "", err
} }

@ -31,6 +31,16 @@ func NewService(fileService portainer.FileService, dataStore portainer.DataStore
// Init initializes the service // Init initializes the service
func (service *Service) Init(host, certPath, keyPath string) error { func (service *Service) Init(host, certPath, keyPath string) error {
pathSupplied := certPath != "" && keyPath != ""
if pathSupplied {
newCertPath, newKeyPath, err := service.fileService.CopySSLCertPair(certPath, keyPath)
if err != nil {
return errors.Wrap(err, "failed copying supplied certs")
}
return service.cacheInfo(newCertPath, newKeyPath, false)
}
settings, err := service.GetSSLSettings() settings, err := service.GetSSLSettings()
if err != nil { if err != nil {
return errors.Wrap(err, "failed fetching ssl settings") return errors.Wrap(err, "failed fetching ssl settings")
@ -49,16 +59,6 @@ func (service *Service) Init(host, certPath, keyPath string) error {
} }
} }
pathSupplied := certPath != "" && keyPath != ""
if pathSupplied {
newCertPath, newKeyPath, err := service.fileService.CopySSLCertPair(certPath, keyPath)
if err != nil {
return errors.Wrap(err, "failed copying supplied certs")
}
return service.cacheInfo(newCertPath, newKeyPath, false)
}
// path not supplied and certificates doesn't exist - generate self signed // path not supplied and certificates doesn't exist - generate self signed
certPath, keyPath = service.fileService.GetDefaultSSLCertsPath() certPath, keyPath = service.fileService.GetDefaultSSLCertsPath()

Loading…
Cancel
Save