Self-signed issuers return a copy of the same certificate that was issued as the CA

Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
Max Ehrlich 2018-09-13 17:02:54 -04:00
parent 511650ca82
commit 213d5ec6b5
2 changed files with 10 additions and 10 deletions


@ -49,7 +49,7 @@ const (
defaultOrganization = "cert-manager"
)
func (c *SelfSigned) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, error) {
func (c *SelfSigned) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, []byte, error) {
signeeKey, err := kube.SecretTLSKey(c.secretsLister, crt.Namespace, crt.Spec.SecretName)
if k8sErrors.IsNotFound(err) || errors.IsInvalidData(err) {
@ -59,7 +59,7 @@ func (c *SelfSigned) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]by
if err != nil {
s := messageErrorGetCertKeyPair + err.Error()
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorGetCertKeyPair, s, false)
return nil, nil, err
return nil, nil, nil, err
}
certPem, err := c.obtainCertificate(crt, signeeKey)
@ -67,7 +67,7 @@ func (c *SelfSigned) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]by
if err != nil {
s := messageErrorIssueCert + err.Error()
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorIssueCert, s, false)
return nil, nil, err
return nil, nil, nil, err
}
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionTrue, successCertIssued, messageCertIssued, true)
@ -76,10 +76,10 @@ func (c *SelfSigned) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]by
if err != nil {
s := messageErrorEncodePrivateKey + err.Error()
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorEncodePrivateKey, s, false)
return nil, nil, err
return nil, nil, nil, err
}
return keyPem, certPem, nil
return keyPem, certPem, certPem, nil
}
func (c *SelfSigned) obtainCertificate(crt *v1alpha1.Certificate, privateKey crypto.PrivateKey) ([]byte, error) {
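Review bot: The final `return keyPem, certPem, certPem, nil` hands back one slice in both the certificate and CA positions, not a copy as the commit title says, and the three unnamed `[]byte` results give a caller no way to tell which position carries the private key. A doc comment on `Issue` would settle both, e.g. `// Issue returns the PEM-encoded private key, the certificate, and the CA certificate, in that order; for this issuer the CA bytes are the certificate itself and share its backing array.` If any caller modifies the certificate bytes in place (not visible here), the CA bytes change with them, so passing `append([]byte(nil), certPem...)` as the third value would make the copy real. The same return appears at the end of `Renew` in the second file, and the body of `Issue` is only partly inside these hunks.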


@ -34,13 +34,13 @@ const (
messageCertRenewed = "Certificate issued successfully"
)
func (c *SelfSigned) Renew(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, error) {
func (c *SelfSigned) Renew(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, []byte, error) {
signeeKey, err := kube.SecretTLSKey(c.secretsLister, crt.Namespace, crt.Spec.SecretName)
if err != nil {
s := messageErrorGetCertKeyPair + err.Error()
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorGetCertKeyPair, s, false)
return nil, nil, err
return nil, nil, nil, err
}
certPem, err := c.obtainCertificate(crt, signeeKey)
@ -48,7 +48,7 @@ func (c *SelfSigned) Renew(ctx context.Context, crt *v1alpha1.Certificate) ([]by
if err != nil {
s := messageErrorRenewCert + err.Error()
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorRenewCert, s, false)
return nil, nil, err
return nil, nil, nil, err
}
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionTrue, successCertRenewed, messageCertRenewed, true)
@ -57,8 +57,8 @@ func (c *SelfSigned) Renew(ctx context.Context, crt *v1alpha1.Certificate) ([]by
if err != nil {
s := messageErrorEncodePrivateKey + err.Error()
crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorEncodePrivateKey, s, false)
return nil, nil, err
return nil, nil, nil, err
}
return keyPem, certPem, nil
return keyPem, certPem, certPem, nil
}
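Review bot: `Renew` has no comment saying that the CA value it returns is replaced on every renewal: `certPem` comes from a fresh `c.obtainCertificate(crt, signeeKey)` call and is returned in the CA position as well. Anything that copied the earlier CA bytes as its trust anchor will presumably have to pick up the new ones, which deserves a line such as `// Renew uses the key already stored in the secret; the returned CA is the renewed certificate itself, so it changes on each renewal.` Parts of `Renew` lie outside the hunks shown, so the key-encoding step is inferred from the `messageErrorEncodePrivateKey` branch.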