Juan Hernandez has posted comments on this change.
Change subject: BZ#856167 - Store engine CA cert in enginecacert.pem
......................................................................
Patch Set 2: (2 inline comments)
....................................................
File vdsm_reg/deployUtil.py.in
Line 1468: ovirtfunctions.ovirt_safe_delete_config(CACERT)
Line 1469: if os.path.exists(ENGINECACERT):
Line 1470: ovirtfunctions.ovirt_safe_delete_config(ENGINECACERT)
Line 1471:
Line 1472: def getRhevmCert(IP, port):
I will add a comment. I think there are other patches around to rename this to
"getEngineCert", so I prefer to avoid that rename in this patch. If I were to
rename it I would use "downloadEngineCACertificate" or something similar.
I don't understand the second part of your comment. What is downloaded here is the
certificate of the CA of the engine, not the certificate of the engine itself. Why do you
say that the CA in ENGINECACERT is misplaced? I am open to rename that variable, but I
need to understand your point.
Line 1473:
Line 1474: dontcare, VDSMCERT, ENGINECACERT = certPaths('')
Line 1475: RHEVM_CERT_FILE = "/ca.crt"
Line 1476: rhevmCert = getRemoteFile(str(IP), str(port), RHEVM_CERT_FILE)
Line 1470: ovirtfunctions.ovirt_safe_delete_config(ENGINECACERT)
Line 1471:
Line 1472: def getRhevmCert(IP, port):
Line 1473:
Line 1474: dontcare, VDSMCERT, ENGINECACERT = certPaths('')
Done
Line 1475: RHEVM_CERT_FILE = "/ca.crt"
Line 1476: rhevmCert = getRemoteFile(str(IP), str(port), RHEVM_CERT_FILE)
Line 1477: if rhevmCert:
Line 1478: dirName = os.path.dirname(ENGINECACERT)
--
To view, visit
http://gerrit.ovirt.org/8038
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I127bf44cbcde90f7dae26a3bd3127f3eac2ca53c
Gerrit-PatchSet: 2
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl(a)redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Doron Fediuck <dfediuck(a)redhat.com>
Gerrit-Reviewer: Douglas Schilling Landgraf <dougsland(a)redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Michael Burns <mburns(a)redhat.com>