From 61a08fa36028d3a1a6176e321d16ce2b66a62dbd Mon Sep 17 00:00:00 2001
From: Michael Hanselmann <hansmi@google.com>
Date: Fri, 19 Dec 2008 19:30:05 +0000
Subject: [PATCH] ganeti.bootstrap: Generate SSL certificate for remote API

Reviewed-by: amishchenko
---
 lib/bootstrap.py | 4 ++++
 lib/constants.py | 1 +
 2 files changed, 5 insertions(+)

diff --git a/lib/bootstrap.py b/lib/bootstrap.py
index 41a1f2c1a..16daf53fb 100644
--- a/lib/bootstrap.py
+++ b/lib/bootstrap.py
@@ -96,6 +96,10 @@ def _InitGanetiServerSetup():
   """
   _GenerateSelfSignedSslCert(constants.SSL_CERT_FILE)
 
+  # Don't overwrite existing file
+  if not os.path.exists(constants.RAPI_CERT_FILE):
+    _GenerateSelfSignedSslCert(constants.RAPI_CERT_FILE)
+
   result = utils.RunCmd([constants.NODE_INITD_SCRIPT, "restart"])
 
   if result.failed:
diff --git a/lib/constants.py b/lib/constants.py
index 9ae904414..84e7b5925 100644
--- a/lib/constants.py
+++ b/lib/constants.py
@@ -94,6 +94,7 @@ LOCK_DIR = _autoconf.LOCALSTATEDIR + "/lock"
 SSCONF_LOCK_FILE = LOCK_DIR + "/ganeti-ssconf.lock"
 CLUSTER_CONF_FILE = DATA_DIR + "/config.data"
 SSL_CERT_FILE = DATA_DIR + "/server.pem"
+RAPI_CERT_FILE = DATA_DIR + "/rapi.pem"
 WATCHER_STATEFILE = DATA_DIR + "/watcher.data"
 SSH_KNOWN_HOSTS_FILE = DATA_DIR + "/known_hosts"
 RAPI_USERS_FILE = DATA_DIR + "/rapi_users"
-- 
GitLab