Commit 225885d2 authored by Antoine Catton's avatar Antoine Catton

Don't regenerate ssl keys every buildout run

parent 87e32328
...@@ -110,17 +110,21 @@ class Recipe(BaseSlapRecipe): ...@@ -110,17 +110,21 @@ class Recipe(BaseSlapRecipe):
def createCertificate(self, size=1024, subject='/C=FR/L=Marcq-en-Baroeul/O=Nexedi'): def createCertificate(self, size=1024, subject='/C=FR/L=Marcq-en-Baroeul/O=Nexedi'):
key_file = os.path.join(self.etc_directory, 'httpd.key') key_file = os.path.join(self.etc_directory, 'httpd.key')
self.path_list.append(key_file)
certificate_file = os.path.join(self.etc_directory, 'httpd.crt') certificate_file = os.path.join(self.etc_directory, 'httpd.crt')
self.path_list.append(certificate_file)
subprocess.check_call([self.options['openssl_binary'], files = [key_file, certificate_file, ]
'req', '-x509', '-nodes', if not all([os.path.exists(f) for f in files]):
'-newkey', 'rsa:%s' % size, for f in files:
'-subj', str(subject), if os.path.exists(f):
'-out', certificate_file, os.unlink(f)
'-keyout', key_file
]) subprocess.check_call([self.options['openssl_binary'],
'req', '-x509', '-nodes',
'-newkey', 'rsa:%s' % size,
'-subj', str(subject),
'-out', certificate_file,
'-keyout', key_file
])
return dict(key=key_file, return dict(key=key_file,
certificate=certificate_file) certificate=certificate_file)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment