saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-16 09:40:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Make local signing with policy containing signing key work

Browse source
This commit is contained in:
jeanluc 2024-04-22 17:27:07 +02:00 committed by Daniel Wozniak
parent 56234c13f1
commit c1642c5b50
2 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelog/66414.fixed.md Normal file
View file

@ -0,0 +1 @@
Fixed x509_v2 certificate.managed crash for locally signed certificates if the signing policy defines signing_private_key

2
salt/states/x509_v2.py
View file

@ -1606,10 +1606,12 @@ def _build_cert(
ca_server=None, signing_policy=None, signing_private_key=None, **kwargs
):
final_kwargs = copy.deepcopy(kwargs)
final_kwargs["signing_private_key"] = signing_private_key
x509util.merge_signing_policy(
__salt__["x509.get_signing_policy"](signing_policy, ca_server=ca_server),
final_kwargs,
)
signing_private_key = final_kwargs.pop("signing_private_key")
builder, _, private_key_loaded, signing_cert = x509util.build_crt(
signing_private_key,