Merge pull request #64 from fcharlier/get_intermediate_cert_whenever_…

…necessary Get the intermediate certificate whenever needed
Spredzy · Jan 11, 2021 · 805a5aa · 805a5aa
2 parents 760c4f2 + 6173c49
commit 805a5aa
Showing 1 changed file with 8 additions and 10 deletions.
diff --git a/lecm/certificate.py b/lecm/certificate.py
@@ -105,14 +105,15 @@ def _create_filesystem(self):
                 utils.enforce_selinux_context(self.path)
 
     def _get_intermediate_certificate(self):
-        certificate = requests.get(_INTERMEDIATE_CERTIFICATE_URL).text
         certificate_name = os.path.basename(_INTERMEDIATE_CERTIFICATE_URL)
-
-        LOG.info('[global] Getting intermediate certificate PEM file: %s' %
-                 certificate_name)
         if not os.path.exists('%s/pem/%s' % (self.path, certificate_name)):
-            with open('%s/pem/%s' % (self.path, certificate_name), 'w') as f:
-                f.write(certificate)
+            certificate = requests.get(_INTERMEDIATE_CERTIFICATE_URL).text
+
+            LOG.info('[global] Getting intermediate certificate PEM file: %s' %
+                     certificate_name)
+            if not os.path.exists('%s/pem/%s' % (self.path, certificate_name)):
+                with open('%s/pem/%s' % (self.path, certificate_name), 'w') as f:
+                    f.write(certificate)
 
     def _create_account_key(self):
         account_key = crypto.PKey()
@@ -257,6 +258,7 @@ def _create_certificate(self):
 
             LOG.debug('[%s] Concatenating certificate with intermediate pem: \
                       %s/pem/%s.pem' % (self.name, self.path, self.name))
+            self._get_intermediate_certificate()
             pem_filename = os.path.basename(_INTERMEDIATE_CERTIFICATE_URL)
             filenames = ['%s/certs/%s.crt' % (self.path, self.name),
                          '%s/pem/%s' % (self.path, pem_filename)]
@@ -287,10 +289,6 @@ def generate(self):
 
         self._create_filesystem()
 
-        certificate_name = os.path.basename(_INTERMEDIATE_CERTIFICATE_URL)
-        if not os.path.exists('%s/pem/%s' % (self.path, certificate_name)):
-            self._get_intermediate_certificate()
-
         # Ensure there is no left-over from previous setup
         #
         try: