def _config_ssl_cacerts(self): ssl_bind_string = "" cacerts = [] if DEFAULT_CA_CERT: cacerts.append(DEFAULT_CA_CERT) if cacerts: if set(cacerts) != set(Haproxy.cls_ca_certs): Haproxy.cls_ca_certs = copy.copy(cacerts) self.ssl_updated = True SslHelper.save_certs(CACERT_DIR, cacerts) logger.info("SSL CA certificates are updated") ssl_bind_string = " ca-file /cacerts/cert0.pem verify required" return ssl_bind_string
def _config_ssl_certs(self): ssl_bind_string = "" certs = [] if DEFAULT_SSL_CERT: certs.append(DEFAULT_SSL_CERT) certs.extend(SslHelper.get_extra_ssl_certs(EXTRA_SSL_CERT)) certs.extend(self.specs.get_default_ssl_cert()) certs.extend(self.specs.get_ssl_cert()) if certs: if set(certs) != set(Haproxy.cls_certs): Haproxy.cls_certs = copy.copy(certs) self.ssl_updated = True SslHelper.save_certs(CERT_DIR, certs) logger.info("SSL certificates are updated") ssl_bind_string = "ssl crt /certs/" return ssl_bind_string