Check xcerts.Manager is initialized before adding certificates (#673)

minio · Mar 27, 2021 · b6938a5 · b6938a5
1 parent 901358e
commit b6938a5
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 9 deletions.
diff --git a/cmd/console/server.go b/cmd/console/server.go
@@ -17,6 +17,7 @@
 package main
 
 import (
+	"context"
 	"fmt"
 	"io/ioutil"
 	"log"
@@ -146,14 +147,13 @@ func startServer(ctx *cli.Context) error {
 	SwaggerServerCACertificate := ctx.String("tls-ca")
 	// load tls cert and key from swagger server tls-certificate and tls-key flags
 	if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" {
-		if errAddCert := restapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); errAddCert == nil {
-			if x509Certs, errParseCert := config.ParsePublicCertFile(swaggerServerCertificate); errParseCert == nil && len(x509Certs) > 0 {
+		if errAddCert := certs.AddCertificate(context.Background(), restapi.GlobalTLSCertsManager, swaggerServerCertificate, swaggerServerCertificateKey); errAddCert != nil {
+			log.Println(errAddCert)
+		}
+		if x509Certs, errParseCert := config.ParsePublicCertFile(swaggerServerCertificate); errParseCert == nil {
+			if len(x509Certs) > 0 {
 				restapi.GlobalPublicCerts = append(restapi.GlobalPublicCerts, x509Certs[0])
-			} else {
-				log.Println(errParseCert)
 			}
-		} else {
-			log.Println(errAddCert)
 		}
 	}
 	// load ca cert from swagger server tls-ca flag

diff --git a/pkg/certs/certs.go b/pkg/certs/certs.go
@@ -228,3 +228,14 @@ func GetAllCertificatesAndCAs() (*x509.CertPool, []*x509.Certificate, *xcerts.Ma
 	logger.FatalIf(err, "Unable to load the TLS configuration")
 	return GlobalRootCAs, globalPublicCerts, globalTLSCertsManager
 }
+
+// AddCertificate check if Manager is initialized and then append a new certificate to it
+func AddCertificate(ctx context.Context, manager *xcerts.Manager, publicKey, privateKey string) (err error) {
+	// If Cert Manager is not nil add more certificates
+	if manager != nil {
+		return manager.AddCertificate(publicKey, privateKey)
+	}
+	// Initialize cert manager
+	manager, err = xcerts.NewManager(ctx, publicKey, privateKey, config.LoadX509KeyPair)
+	return err
+}
diff --git a/portal-ui/src/screens/Console/Buckets/ViewBucket/ViewBucket.tsx b/portal-ui/src/screens/Console/Buckets/ViewBucket/ViewBucket.tsx
@@ -557,9 +557,7 @@ const ViewBucket = ({
     setPolicyEdit(row);
   };
 
-  const PolicyActions = [
-    { type: "view", onClick: viewAction },
-  ];
+  const PolicyActions = [{ type: "view", onClick: viewAction }];
 
   return (
     <Fragment>