Skip to content

Commit

Permalink
Remove overzealous argument checking
Browse files Browse the repository at this point in the history 
There are situations where public_key and signing_key can be used
together, e.g. when signing a cert with another cert on the same machine:

cert:
  x509.certificate_managed:
    - name: /etc/pki/www.crt
    - public_key: /etc/pki/www.key
    - signing_cert: /etc/pki/root.crt
    - signing_private_key: /etc/pki/root.key
    - CN: 'www.local'
    - subjectAltName: 'IP:127.0.0.1'
  • Loading branch information
@glynnforrest
glynnforrest committed Jun 6, 2019
1 parent cc33d6c commit dfeb207
Showing 1 changed file with 1 addition and 5 deletions.
6 changes: 1 addition & 5 deletions salt/states/x509.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -557,11 +557,7 @@ def certificate_managed(name,

if 'public_key' not in kwargs and 'signing_private_key' not in kwargs:
raise salt.exceptions.SaltInvocationError(
'Either public_key or signing_private_key must be specified.')

if 'public_key' in kwargs and 'signing_private_key' in kwargs:
raise salt.exceptions.SaltInvocationError(
'Either public_key or signing_private_key must be specified, not both.')
'public_key or signing_private_key must be specified.')

ret = {'name': name,
'result': False,
Expand Down

0 comments on commit dfeb207

Please sign in to comment.