Add crl-dist-point to upload-signed-csr action
Change-Id: I5917771295d55ffb4b67191e2c6b687ad9170343
This commit is contained in:
parent
e00cb3f3f4
commit
dedb4d4260
|
@ -107,6 +107,11 @@ upload-signed-csr:
|
|||
default: '8760h'
|
||||
description: >-
|
||||
Specifies the maximum Time To Live
|
||||
crl-dist-point:
|
||||
type: string
|
||||
default: ''
|
||||
description: >-
|
||||
Specifies Certificate Revocation List Distribution Point
|
||||
root-ca:
|
||||
type: string
|
||||
description: >-
|
||||
|
|
|
@ -131,7 +131,8 @@ def upload_signed_csr(*args):
|
|||
allow_subdomains=action_config.get('allow-subdomains'),
|
||||
enforce_hostnames=action_config.get('enforce-hostnames'),
|
||||
allow_any_name=action_config.get('allow-any-name'),
|
||||
max_ttl=action_config.get('max-ttl'))
|
||||
max_ttl=action_config.get('max-ttl'),
|
||||
crl_dist_point=action_config.get('crl-dist-point'))
|
||||
set_flag('charm.vault.ca.ready')
|
||||
set_flag('pki.backend.tuned')
|
||||
# reissue any certificates we might previously have provided
|
||||
|
|
|
@ -203,7 +203,7 @@ def get_csr(ttl=None, common_name=None, locality=None,
|
|||
|
||||
def upload_signed_csr(pem, allowed_domains, allow_subdomains=True,
|
||||
enforce_hostnames=False, allow_any_name=True,
|
||||
max_ttl=None):
|
||||
max_ttl=None,crl_dist_point=None):
|
||||
"""Upload signed csr to intermediate pki
|
||||
|
||||
:param pem: signed csr in pem format
|
||||
|
@ -234,7 +234,7 @@ def upload_signed_csr(pem, allowed_domains, allow_subdomains=True,
|
|||
{
|
||||
"issuing_certificates": "{}/v1/{}/ca".format(addr, CHARM_PKI_MP),
|
||||
"crl_distribution_points":
|
||||
"{}/v1/{}/crl".format(addr, CHARM_PKI_MP),
|
||||
"{}/v1/{}/crl".format(addr, CHARM_PKI_MP) if not crl_dist_point else crl_dist_point,
|
||||
},
|
||||
mount_point=CHARM_PKI_MP
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue