DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use system self signed certificate as default SSL certificate

Browse source
This commit is contained in:
Manuel de Brito Fontes 2016-07-21 11:40:47 -04:00
parent 2c7d921d76
commit 9f64273b9c
7 changed files with 85 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

23
controllers/nginx/controller.go
View file

@ -870,13 +870,22 @@ func (lbc *loadBalancerController) createServers(data []interface{}) map[string]
servers := make(map[string]*nginx.Server)
pems := lbc.getPemsFromIngress(data)
if lbc.defSSLCertificate != "" {
ngxCert, err := lbc.getPemCertificate(lbc.defSSLCertificate)
if err == nil {
pems["_"] = ngxCert
} else {
glog.Warningf("%v", err)
}
var ngxCert nginx.SSLCert
var err error
if lbc.defSSLCertificate == "" {
// use system certificated generated at image build time
cert, key := getFakeSSLCert()
ngxCert, err = lbc.nginx.AddOrUpdateCertAndKey("system-snake-oil-certificate", cert, key)
} else {
ngxCert, err = lbc.getPemCertificate(lbc.defSSLCertificate)
}
if err == nil {
pems["_"] = ngxCert
} else {
glog.Warningf("%v", err)
}
for _, ingIf := range data {