Have certs_install install all custom certs for requests as well
Also supports `extra_ca_certs` being a single file, which is useful for the Kubernetes configmap case Fixes https://www.pivotaltracker.com/story/show/134302623
This commit is contained in:
parent
244bf2a070
commit
009c1f7a5f
1 changed files with 12 additions and 2 deletions
|
@ -7,9 +7,19 @@ then
|
||||||
cp /conf/stack/ldap.crt /usr/local/share/ca-certificates/ldap.crt
|
cp /conf/stack/ldap.crt /usr/local/share/ca-certificates/ldap.crt
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Add extra trusted certificates
|
# Add extra trusted certificates (as a directory)
|
||||||
if [ -d /conf/stack/extra_ca_certs ]; then
|
if [ -d /conf/stack/extra_ca_certs ]; then
|
||||||
|
echo "Installing extra certificates found in /conf/stack/extra_ca_certs directory"
|
||||||
cp /conf/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
|
cp /conf/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
|
||||||
|
cat /conf/stack/extra_ca_certs/* >> /venv/lib/python2.7/site-packages/requests/cacert.pem
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Add extra trusted certificates (as a file)
|
||||||
|
if [ -f /conf/stack/extra_ca_certs ]; then
|
||||||
|
echo "Installing extra certificates found in /conf/stack/extra_ca_certs file"
|
||||||
|
csplit -z -f /usr/local/share/ca-certificates/extra-ca- /conf/stack/extra_ca_certs '/-----BEGIN CERTIFICATE-----/' '{*}'
|
||||||
|
cat /conf/stack/extra_ca_certs >> /venv/lib/python2.7/site-packages/requests/cacert.pem
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Update all CA certificates.
|
||||||
update-ca-certificates
|
update-ca-certificates
|
||||||
|
|
Reference in a new issue