From 9381a255bf56f5aedcd1f3ebf744c265942edcc9 Mon Sep 17 00:00:00 2001
From: Alexander Hughes <Alexander.Hughes@pm.me>
Date: Wed, 19 May 2021 08:32:36 -0400
Subject: [PATCH] Update cert filename validation to *.pem

Users leveraging custom certs directories face errors when deploying
if the directory contains any files that do not end in .pem. This
change adds additional validation to ensure files are *.pem before
attempting further logic.

Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
---
 pki/util.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pki/util.go b/pki/util.go
index d1daf853..ecad7d29 100644
--- a/pki/util.go
+++ b/pki/util.go
@@ -592,7 +592,7 @@ func ReadCertsAndKeysFromDir(certDir string) (map[string]CertificatePKI, error)
 
 	for _, file := range files {
 		logrus.Debugf("[certificates] reading file %s from directory [%s]", file.Name(), certDir)
-		if !strings.HasSuffix(file.Name(), "-key.pem") && !strings.HasSuffix(file.Name(), "-csr.pem") {
+		if strings.HasSuffix(file.Name(), ".pem") && !strings.HasSuffix(file.Name(), "-key.pem") && !strings.HasSuffix(file.Name(), "-csr.pem") {
 			// fetching cert
 			cert, err := getCertFromFile(certDir, file.Name())
 			if err != nil {