From c2359b5144e5547e52b020c81c07581a234bda7e Mon Sep 17 00:00:00 2001
From: Andreas Eriksen <andreer@yahooinc.com>
Date: Mon, 15 May 2023 12:45:02 +0200
Subject: re-request endpoint cert with new metadata (#27114)

---
 .../controller/restapi/certificate/EndpointCertificatesHandler.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'controller-server')

diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/certificate/EndpointCertificatesHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/certificate/EndpointCertificatesHandler.java
index a00e80b17d4..9bee5623774 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/certificate/EndpointCertificatesHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/certificate/EndpointCertificatesHandler.java
@@ -42,7 +42,7 @@ public class EndpointCertificatesHandler extends ThreadedHttpRequestHandler {
 
     public HttpResponse handle(HttpRequest request) {
         if (request.getMethod().equals(GET)) return listEndpointCertificates();
-        if (request.getMethod().equals(POST)) return reRequestEndpointCertificateFor(request.getProperty("application"));
+        if (request.getMethod().equals(POST)) return reRequestEndpointCertificateFor(request.getProperty("application"), request.getProperty("ignoreExistingMetadata") != null);
         throw new RestApiException.MethodNotAllowed(request);
     }
 
@@ -59,7 +59,7 @@ public class EndpointCertificatesHandler extends ThreadedHttpRequestHandler {
         return new StringResponse(requestsWithNames);
     }
 
-    public StringResponse reRequestEndpointCertificateFor(String instanceId) {
+    public StringResponse reRequestEndpointCertificateFor(String instanceId, boolean ignoreExistingMetadata) {
         ApplicationId applicationId = ApplicationId.fromFullString(instanceId);
 
         try (var lock = curator.lock(TenantAndApplicationId.from(applicationId))) {
@@ -67,7 +67,7 @@ public class EndpointCertificatesHandler extends ThreadedHttpRequestHandler {
                     .orElseThrow(() -> new RestApiException.NotFound("No certificate found for application " + applicationId.serializedForm()));
 
             EndpointCertificateMetadata reRequestedMetadata = endpointCertificateProvider.requestCaSignedCertificate(
-                    applicationId, endpointCertificateMetadata.requestedDnsSans(), Optional.of(endpointCertificateMetadata));
+                    applicationId, endpointCertificateMetadata.requestedDnsSans(), ignoreExistingMetadata ? Optional.empty() : Optional.of(endpointCertificateMetadata));
 
             curator.writeEndpointCertificateMetadata(applicationId, reRequestedMetadata);
 
-- 
cgit v1.2.3