From 0354f88564a6b0ea1a9c2f72492af6b76b01d131 Mon Sep 17 00:00:00 2001
From: Jernej Kos
Date: Wed, 29 Sep 2021 14:07:12 +0200
Subject: [PATCH] go/common/identity: Don't forget to refresh TLS certificate
---
 .changelog/4289.bugfix.md | 1 +
 go/common/identity/identity.go | 2 +-
 go/common/identity/identity_test.go | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 .changelog/4289.bugfix.md
diff --git a/.changelog/4289.bugfix.md b/.changelog/4289.bugfix.md
new file mode 100644
index 00000000000..8e00d4a49c6
--- /dev/null
+++ b/.changelog/4289.bugfix.md
@@ -0,0 +1 @@
+go/common/identity: Don't forget to refresh TLS certificate
diff --git a/go/common/identity/identity.go b/go/common/identity/identity.go
index 1b1e34a8fa7..e6a1892830b 100644
--- a/go/common/identity/identity.go
+++ b/go/common/identity/identity.go
@@ -262,7 +262,7 @@ func doLoadOrGenerate(dataDir string, signerFactory signature.SignerFactory, sho
 // First, check if we can load the TLS certificate from disk.
 tlsCertPath, tlsKeyPath := TLSCertPaths(dataDir)
- cert, err := tlsCert.Load(tlsCertPath, tlsKeyPath)
+ cert, err := tlsCert.LoadFromKey(tlsKeyPath, CommonName)
 if err == nil {
 // Load successful, ensure that we won't ever rotate the certificates.
 dnr = true
diff --git a/go/common/identity/identity_test.go b/go/common/identity/identity_test.go
index 334b1d423fd..538a21cc538 100644
--- a/go/common/identity/identity_test.go
+++ b/go/common/identity/identity_test.go
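Review bot: In go/common/identity/identity.go the context comment `// First, check if we can load the TLS certificate from disk.` no longer matches the call beneath it, because `tlsCert.LoadFromKey(tlsKeyPath, CommonName)` takes only the key path; I would reword it to `// First, check if we can load the TLS key from disk and issue a fresh certificate for it.`. The file at `tlsCertPath` is no longer read on this path, so unless the part of doLoadOrGenerate outside this hunk rewrites it, the certificate on disk will differ from the one the node presents, and that is worth a comment for operators who inspect or pin that file rather than the public key. What happens on a non-nil `err` is also outside the hunk; if that branch generates a new key, an unreadable or malformed key file would silently change the node's TLS identity, so distinguishing "missing" from "failed to load" and logging the latter would make that visible.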
@@ -35,7 +35,7 @@ func TestLoadOrGenerate(t *testing.T) {
 require.EqualValues(t, identity.P2PSigner, identity2.P2PSigner)
 require.EqualValues(t, identity.ConsensusSigner, identity2.ConsensusSigner)
 require.EqualValues(t, identity.GetTLSSigner(), identity2.GetTLSSigner())
- require.EqualValues(t, identity.GetTLSCertificate(), identity2.GetTLSCertificate())
+ require.NotEqual(t, identity.GetTLSCertificate(), identity2.GetTLSCertificate())
 require.EqualValues(t, identity.GetTLSPubKeys(), identity2.GetTLSPubKeys())
 require.NotEqual(t, identity.TLSSentryClientCertificate, identity2.TLSSentryClientCertificate)
 require.EqualValues(t, identity.TLSSentryClientCertificate.PrivateKey, identity2.TLSSentryClientCertificate.PrivateKey)
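Review bot: `require.NotEqual` on the two `GetTLSCertificate()` values only shows that something differs between the two loads; it would still pass if the reloaded certificate were already expired or carried the wrong subject. Since the fix is about refreshing the certificate, the test should assert the property that matters: parse the leaf of `identity2.GetTLSCertificate()` and require that the current time lies between its `NotBefore` and `NotAfter` (assuming the getter returns a `*tls.Certificate`, as the `.PrivateKey` access on the sentry certificate two lines below suggests). The neighbouring `GetTLSSigner()` and `GetTLSPubKeys()` equality checks already pin the key, so no further key assertion is needed. TestLoadOrGenerate starts and ends outside this hunk.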