def db_maybe_launch_https_workers(self, session):
config = ConfigFactory(session, 1)
# If root_tenant is disabled do not start https
on = config.get_val(u'https_enabled')
if not on:
log.info("Not launching workers")
return defer.succeed(None)
site_cfgs = load_tls_dict_list(session)
valid_cfgs, err = [], None
# Determine which site_cfgs are valid and only pass those to the child.
for db_cfg in site_cfgs:
chnv = tls.ChainValidator()
ok, err = chnv.validate(db_cfg,
must_be_disabled=False,
check_expiration=False)
if ok and err is None:
valid_cfgs.append(db_cfg)
self.tls_cfg['site_cfgs'] = valid_cfgs
if not valid_cfgs:
log.info("Not launching https workers due to %s", err)
return defer.fail(err)
log.info("Decided to launch https workers")
return self.launch_https_workers()
def sync_initialize_snimap(session):
"""
Transaction for loading TLS certificates and initialize the SNI map
:param session: An ORM session
"""
for cfg in load_tls_dict_list(session):
if cfg['https_enabled']:
State.snimap.load(cfg['tid'], cfg)