mirror of
https://github.com/rancher/rke.git
synced 2025-08-09 18:58:38 +00:00
Improve logging when using custom certs
parent
e395badf82
commit
f885ebbaa1
@ -592,19 +592,21 @@ func ReadCertsAndKeysFromDir(certDir string) (map[string]CertificatePKI, error)
|
|||||||
|
|
||||||
for _, file := range files {
|
for _, file := range files {
|
||||||
logrus.Debugf("[certificates] reading file %s from directory [%s]", file.Name(), certDir)
|
logrus.Debugf("[certificates] reading file %s from directory [%s]", file.Name(), certDir)
|
||||||
|
if !strings.HasSuffix(file.Name(), "-key.pem") && !strings.HasSuffix(file.Name(), "-csr.pem") {
|
||||||
// fetching cert
|
// fetching cert
|
||||||
cert, err := getCertFromFile(certDir, file.Name())
|
cert, err := getCertFromFile(certDir, file.Name())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
return nil, err
|
||||||
}
|
}
|
||||||
// fetching the cert's key
|
// fetching the cert's key
|
||||||
certName := strings.TrimSuffix(file.Name(), ".pem")
|
certName := strings.TrimSuffix(file.Name(), ".pem")
|
||||||
key, err := getKeyFromFile(certDir, certName+"-key.pem")
|
key, err := getKeyFromFile(certDir, certName+"-key.pem")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
return nil, err
|
||||||
}
|
}
|
||||||
certMap[certName] = ToCertObject(certName, getCommonName(certName), getOUName(certName), cert, key, nil)
|
certMap[certName] = ToCertObject(certName, getCommonName(certName), getOUName(certName), cert, key, nil)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return certMap, nil
|
return certMap, nil
|
||||||
}
|
}
|
||||||
@ -633,6 +635,7 @@ func getCertFromFile(certDir string, fileName string) (*x509.Certificate, error)
|
|||||||
var certificate *x509.Certificate
|
var certificate *x509.Certificate
|
||||||
certPEM, _ := ioutil.ReadFile(filepath.Join(certDir, fileName))
|
certPEM, _ := ioutil.ReadFile(filepath.Join(certDir, fileName))
|
||||||
if len(certPEM) > 0 {
|
if len(certPEM) > 0 {
|
||||||
|
logrus.Debugf("Certificate file [%s/%s] content is greater than 0", certDir, fileName)
|
||||||
certificates, err := cert.ParseCertsPEM(certPEM)
|
certificates, err := cert.ParseCertsPEM(certPEM)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("failed to read certificate [%s]: %v", fileName, err)
|
return nil, fmt.Errorf("failed to read certificate [%s]: %v", fileName, err)
|
||||||
@ -648,7 +651,7 @@ func getKeyFromFile(certDir string, fileName string) (*rsa.PrivateKey, error) {
|
|||||||
if len(keyPEM) > 0 {
|
if len(keyPEM) > 0 {
|
||||||
keyInterface, err := cert.ParsePrivateKeyPEM(keyPEM)
|
keyInterface, err := cert.ParsePrivateKeyPEM(keyPEM)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("failed to read key [%s]: %v", fileName, err)
|
return nil, fmt.Errorf("failed to read key [%s], make sure it is not encrypted: %v", fileName, err)
|
||||||
}
|
}
|
||||||
key = keyInterface.(*rsa.PrivateKey)
|
key = keyInterface.(*rsa.PrivateKey)
|
||||||
}
|
}
|
||||||
|
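Review bot: In the getKeyFromFile hunk, `key = keyInterface.(*rsa.PrivateKey)` is still an unchecked type assertion, so a user-supplied key that parses but is not RSA (an ECDSA key, for example, if cert.ParsePrivateKeyPEM accepts one) panics instead of producing the new, friendlier error. Use the two-value form, `rsaKey, ok := keyInterface.(*rsa.PrivateKey)`, and return `fmt.Errorf("key [%s] is not an RSA private key", fileName)` when `!ok`. In the getCertFromFile hunk, `certPEM, _ := ioutil.ReadFile(...)` still discards the read error, so an unreadable file (for instance wrong permissions on the custom cert directory) looks the same as an empty one and the added debug line never fires; checking that error would likely serve the commit's goal better than logging only the non-empty case. Both function bodies continue outside the visible hunks, so what happens after an empty read could not be confirmed here.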