Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-22 16:39:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 121

Bug 6479: Storing proxy certificate in a secure location to avoid unexpected deletion. (#7811)

Browse source 
This prevents proxy certificate used by --insecure mode from being deleted when stored in a user-writable location.
This commit is contained in:
Marcos Oviedo 2022-09-19 09:42:53 -03:00 committed by GitHub
parent 897b750b55
commit d5a37dfd1a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
orbit/changes/bug-6479-store-proxy-cert-at-secure-location Normal file
View file

@ -0,0 +1,2 @@
* Orbit lost communication with Fleet server
when the certificate used for insecure mode gets deleted.

8
orbit/cmd/orbit/orbit.go
View file

@ -395,7 +395,13 @@ func main() {
},
)
certPath := filepath.Join(os.TempDir(), "fleet.crt")
// Directory to store proxy related assets
proxyDirectory := filepath.Join(c.String("root-dir"), "proxy")
if err := secure.MkdirAll(proxyDirectory, constant.DefaultDirMode); err != nil {
return fmt.Errorf("there was a problem creating the proxy directory: %w", err)
}
certPath := filepath.Join(proxyDirectory, "fleet.crt")
// Write cert that proxy uses
err = ioutil.WriteFile(certPath, []byte(insecure.ServerCert), os.ModePerm)