openstack/devstack
Code Issues Proposed changes

Merge "Don't make root CA if it exists"

Browse Source
This commit is contained in:
Jenkins 2016-09-27 04:03:24 +00:00 committed by Gerrit Code Review
commit 71afa25250
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/tls
View File

@ -322,15 +322,17 @@ function make_root_CA {
create_CA_base $ca_dir create_CA_base $ca_dir
create_CA_config $ca_dir 'Root CA' create_CA_config $ca_dir 'Root CA'
# Create a self-signed certificate valid for 5 years if [ ! -r "$ca_dir/cacert.pem" ]; then
$OPENSSL req -config $ca_dir/ca.conf \ # Create a self-signed certificate valid for 5 years
-x509 \ $OPENSSL req -config $ca_dir/ca.conf \
-nodes \ -x509 \
-newkey rsa \ -nodes \
-days 21360 \ -newkey rsa \
-keyout $ca_dir/private/cacert.key \ -days 21360 \
-out $ca_dir/cacert.pem \ -keyout $ca_dir/private/cacert.key \
-outform PEM -out $ca_dir/cacert.pem \
-outform PEM
fi
} }
# If a non-system python-requests is installed then it will use the # If a non-system python-requests is installed then it will use the
@ -507,7 +509,7 @@ function cleanup_CA {
sudo update-ca-certificates sudo update-ca-certificates
fi fi
rm -rf "$DATA_DIR/CA" "$DEVSTACK_CERT" rm -rf "$INT_CA_DIR" "$ROOT_CA_DIR" "$DEVSTACK_CERT"
} }
# Tell emacs to use shell-script-mode # Tell emacs to use shell-script-mode