diff options
author | Håkon Hallingstad <hakon@yahooinc.com> | 2022-09-23 17:04:42 +0200 |
---|---|---|
committer | Håkon Hallingstad <hakon@yahooinc.com> | 2022-09-23 17:04:42 +0200 |
commit | 550b73945237931ec726848ab7e65f9c9b933ced (patch) | |
tree | 0afb92df83a68d1be6597d12e1a28d18806b966a /node-admin | |
parent | dd30a9a839f4b7f5c99e265af091c3f88613f4cd (diff) |
Trust store path is associated with ZTS
Diffstat (limited to 'node-admin')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java index 9279442a345..70b9cc9cc16 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java @@ -63,8 +63,8 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { private static final String CONTAINER_SIA_DIRECTORY = "/var/lib/sia"; private final URI ztsEndpoint; - private final Path jksTrustStorePath; - private final Path pemTrustStorePath; + private final Path ztsTrustStoreJksPath; + private final Path ztsTrustStorePemPath; private final AthenzIdentity configserverIdentity; private final Clock clock; private final ServiceIdentityProvider hostIdentityProvider; @@ -76,16 +76,16 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { private final Map<ContainerName, Instant> lastRefreshAttempt = new ConcurrentHashMap<>(); public AthenzCredentialsMaintainer(URI ztsEndpoint, - Path jksTrustStorePath, - Path pemTrustStorePath, + Path ztsTrustStoreJksPath, + Path ztsTrustStorePemPath, ConfigServerInfo configServerInfo, String certificateDnsSuffix, ServiceIdentityProvider hostIdentityProvider, boolean useInternalZts, Clock clock) { this.ztsEndpoint = ztsEndpoint; - this.jksTrustStorePath = jksTrustStorePath; - this.pemTrustStorePath = pemTrustStorePath; + this.ztsTrustStoreJksPath = ztsTrustStoreJksPath; + this.ztsTrustStorePemPath = ztsTrustStorePemPath; this.configserverIdentity = configServerInfo.getConfigServerIdentity(); this.csrGenerator = new CsrGenerator(certificateDnsSuffix, configserverIdentity.getFullName()); this.hostIdentityProvider = hostIdentityProvider; @@ -212,10 +212,10 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { context.identity(), identityDocument.providerUniqueId(), identityDocument.ipAddresses(), keyPair); var sslContextBuilder = new SslContextBuilder().withKeyStore(privateKeyFile, certificateFile); - if (pemTrustStorePath != null) { - sslContextBuilder.withTrustStore(pemTrustStorePath); + if (ztsTrustStorePemPath != null) { + sslContextBuilder.withTrustStore(ztsTrustStorePemPath); } else { - sslContextBuilder.withTrustStore(jksTrustStorePath, KeyStoreType.JKS); + sslContextBuilder.withTrustStore(ztsTrustStoreJksPath, KeyStoreType.JKS); } SSLContext containerIdentitySslContext = sslContextBuilder.build(); |