def server_certficate_update(self, domain=None, intermediate=False):
i = Iam()
e = Elb()
old_name = "old." + domain
i.update_server_cert(cert_name=old_name, new_name=domain)
logger.debug("Rename certificate")
i.update_server_cert(cert_name=domain, new_name=old_name)
logger.debug("Gathering certificates informations")
# We should query old certs, to test if they have been moved, and it is not an incorrect call being made
old_cert = Misc.get_cert_body(name=old_name)
old_key = Misc.get_cert_body(name=old_name, type="key")
new_cert = Misc.get_cert_body(name=domain)
new_key = Misc.get_cert_body(name=domain, type="key")
logger.debug("Uploading new certificate for domain")
if intermediate:
inter_body = Misc.get_cert_body(domain="intermediate")
i.upload_server_cert(cert_name=domain,
pub_key=new_cert,
priv_key=new_key,
cert_chain=inter_body)
else:
i.upload_server_cert(cert_name=domain,
pub_key=new_cert,
priv_key=new_key)
elbs = e.get_elbs_from_ssl_cert()
old_object = i.get_server_cert(name=old_name)
new_object = i.get_server_cert(name=domain)
if old_object['ServerCertificateMetadata']['Arn'] in elbs:
move_elbs = elbs[old_object['ServerCertificateMetadata']['Arn']]
else:
move_elbs = []
for elb in move_elbs:
logger.info("Migrating ELB %s" % elb.get('LoadBalancerName'))
ports = ssl_ports_in_elb(elb=elb)
for port in ports:
logger.debug('Migrating port %s' % port, )
e.set_elb_ssl_cert(
elb_name=elb.get('LoadBalancerName'),
port=port,
cert=new_object['ServerCertificateMetadata']['Arn'])
logger.info("Deleting old cert")
i.delete_server_certs(cert_name=old_name)
logger.echo("Updated certificate to new one.")
