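def validate_tls_container(container_ref):
    """Fetch a TLS container from the certificate manager and validate it.

    The load balancer id is taken from ``curr_listener`` when that is set,
    otherwise from ``listener``; both names come from the enclosing scope.

    Raises:
        loadbalancerv2.TLSContainerNotFound: the lookup failed with an
            exception whose ``status_code`` is 404.
        loadbalancerv2.CertManagerError: the lookup failed for any other
            reason.
        loadbalancerv2.TLSContainerInvalid: reading the certificate
            material or ``cert_parser.validate_cert`` raised.
    """
    if curr_listener:
        lb_id = curr_listener['loadbalancer_id']
    else:
        lb_id = listener.get('loadbalancer_id')

    try:
        cert_container = CERT_MANAGER_PLUGIN.CertManager.get_cert(
            container_ref, lb_id=lb_id)
    except Exception as e:
        if getattr(e, 'status_code', None) == 404:
            raise loadbalancerv2.TLSContainerNotFound(
                container_id=container_ref)
        # Could be a keystone configuration error...
        # Exceptions are not guaranteed to carry ``message`` (none do on
        # Python 3); reading it unconditionally would replace the real
        # failure with an AttributeError, so fall back to str(e).
        reason = getattr(e, 'message', None)
        if reason is None:
            reason = str(e)
        raise loadbalancerv2.CertManagerError(
            ref=container_ref, reason=reason)

    try:
        cert_parser.validate_cert(
            cert_container.get_certificate(),
            private_key=cert_container.get_private_key(),
            private_key_passphrase=(
                cert_container.get_private_key_passphrase()),
            intermediates=cert_container.get_intermediates())
    except Exception as e:
        # Undo the get_cert() above before rejecting the container
        # (presumably this releases the reference taken for lb_id; confirm
        # against the CertManager plugin).
        # NOTE(review): if delete_cert itself raises, that exception
        # propagates and TLSContainerInvalid is never raised.
        CERT_MANAGER_PLUGIN.CertManager.delete_cert(
            container_ref, lb_id)
        # NOTE(review): ``reason`` carries the raw exception text to the
        # caller; confirm it cannot include key material or internal URLs.
        raise loadbalancerv2.TLSContainerInvalid(
            container_id=container_ref, reason=str(e))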
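def get_cert(cont_id):
    """Look up the TLS container *cont_id* in the certificate manager.

    ``cert_mgr``, ``tenant_id`` and ``lb_id`` come from the enclosing scope.
    The lookup is made with ``check_only=True``.

    Returns:
        The object returned by ``cert_mgr.get_cert``.

    Raises:
        loadbalancerv2.TLSContainerNotFound: the lookup failed with an
            exception whose ``status_code`` is 404.
        loadbalancerv2.CertManagerError: the lookup failed for any other
            reason.
    """
    try:
        return cert_mgr.get_cert(
            project_id=tenant_id,
            cert_ref=cont_id,
            resource_ref=cert_mgr.get_service_url(lb_id),
            check_only=True)
    except Exception as e:
        if getattr(e, 'status_code', None) == 404:
            raise loadbalancerv2.TLSContainerNotFound(
                container_id=cont_id)
        # Could be a keystone configuration error...
        # Exceptions are not guaranteed to carry ``message`` (none do on
        # Python 3); reading it unconditionally would replace the real
        # failure with an AttributeError, so fall back to str(e).
        reason = getattr(e, 'message', None)
        if reason is None:
            reason = str(e)
        raise loadbalancerv2.CertManagerError(ref=cont_id, reason=reason)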
def validate_tls_container(container_ref):
    """Check that *container_ref* resolves to a usable TLS container.

    The container is fetched with ``check_only=True`` and its certificate,
    private key, passphrase and intermediates are handed to
    ``cert_parser.validate_cert``.

    Raises:
        loadbalancerv2.TLSContainerNotFound: the lookup raised anything.
        loadbalancerv2.TLSContainerInvalid: reading the certificate
            material or validating it raised.
    """
    try:
        container = CERT_MANAGER_PLUGIN.CertManager.get_cert(
            container_ref, check_only=True)
    except Exception:
        # NOTE(review): every lookup failure is reported as "not found",
        # including ones that are not a missing container (auth or
        # configuration errors, for example), which hides the real cause
        # from the operator.
        raise loadbalancerv2.TLSContainerNotFound(container_id=container_ref)

    try:
        check = cert_parser.validate_cert
        certificate = container.get_certificate()
        key = container.get_private_key()
        passphrase = container.get_private_key_passphrase()
        chain = container.get_intermediates()
        check(
            certificate,
            private_key=key,
            private_key_passphrase=passphrase,
            intermediates=chain)
    except Exception as err:
        raise loadbalancerv2.TLSContainerInvalid(
            container_id=container_ref, reason=str(err))