diff --git a/wile_coyote/bin/anvil b/wile_coyote/bin/anvil
index f8990c82cf84f000c8368b0404998fadb2c525b7..8d90a49c2c05c5af277d93e22a609b6b56ecfbc3 100755
--- a/wile_coyote/bin/anvil
+++ b/wile_coyote/bin/anvil
@@ -145,7 +145,6 @@ if __name__ == "__main__":
log.handler(constants.GIVEUP, LOGFILE, True)
sys_kit.coyote_exit(LOGFILE, START_TIMEDATE, 1)
- ACME_PROVIDERS = wile_coyote.tools.ACME_PROVIDERS
REDIS_HOST = wile_coyote.tools.REDIS_HOST
REDIS_TOKEN = wile_coyote.tools.REDIS_TOKEN
VAULT_HOST = wile_coyote.tools.VAULT_HOST
@@ -154,6 +153,8 @@ if __name__ == "__main__":
CONSUL_LEADER, _, __ = wile_coyote.tools.consul_kit.get_leader(LOGFILE)
MOUNT_POINTS_V1 = wile_coyote.tools.MOUNT_POINTS_V1
MOUNT_POINTS_V2 = wile_coyote.tools.MOUNT_POINTS_V2
+ ACME_PROVIDERS = wile_coyote.tools.ACME_PROVIDERS
+ acme_providers_list = ACME_PROVIDERS.replace(' ', '').split(',')
# keys define in .acme.ini
REDIS_KEYS = wile_coyote.tools.REDIS_KEYS
@@ -163,11 +164,11 @@ if __name__ == "__main__":
# prune certificates locally
if PRUNE:
if "all" in PRUNE:
- prune = ACME_PROVIDERS
+ prune = acme_providers_list
else:
prune = PRUNE
for prov in prune:
- if prov not in ACME_PROVIDERS:
+ if prov not in acme_providers_list:
log.handler(f"{prov} is not a valid provider", LOGFILE, True)
log.handler(constants.GIVEUP, LOGFILE, True)
sys_kit.coyote_exit(LOGFILE, START_TIMEDATE, 1)
diff --git a/wile_coyote/common/combine.py b/wile_coyote/common/combine.py
index 7c274526dfd656fdebe6918afd9e13741efdb358..f570e5cd382e723524ecfed32823504a17576aa6 100644
--- a/wile_coyote/common/combine.py
+++ b/wile_coyote/common/combine.py
@@ -4,7 +4,7 @@ import os
import wile_coyote.tools
-def keys(certpath, provider, keypath, outpath):
+def keys(cert_path, provider, key_path, outpath):
"""combine certificate, CA and private key"""
if os.path.isdir("/etc/ssl/certs"):
ssl_dir = "/etc/ssl/certs"
@@ -13,13 +13,12 @@ def keys(certpath, provider, keypath, outpath):
else:
raise NotImplementedError("OS not supported")
- # providers and CAs are mapped in acme.ini
- acme_providers = wile_coyote.tools.ACME_PROVIDERS
- capath = os.path.join(ssl_dir, acme_providers[provider])
- filenames = [certpath, capath, keypath]
+ ca_file = wile_coyote.tools.PROVIDERS_CA[provider]
+ ca_path = os.path.join(ssl_dir, ca_file)
+ file_names = [cert_path, ca_path, key_path]
with open(outpath, "w", encoding="utf-8") as outfile:
- for fname in filenames:
+ for fname in file_names:
with open(fname, "r", encoding="utf-8") as infile:
outfile.write(infile.read())
outfile.close()
diff --git a/wile_coyote/tools/__init__.py b/wile_coyote/tools/__init__.py
index 56dfb2b23e9eb802fb3b92041e0bd2426bd43bdc..644327a254787c4d7d8235908f4ca8fac9e27644 100644
--- a/wile_coyote/tools/__init__.py
+++ b/wile_coyote/tools/__init__.py
@@ -21,7 +21,8 @@ for loader, module_name, is_pkg in pkgutil.walk_packages(__path__):
CONSUL_SERVERS = config.get('acme', 'consul_servers')
CONSUL_TOKEN = config.get('acme', 'consul_token')
WEB_BASE = config.get('acme', 'web_base')
- ACME_PROVIDERS = l_eval(config.get('acme', 'acme_providers'))
+ ACME_PROVIDERS = config.get('acme', 'acme_providers')
+ PROVIDERS_CA = l_eval(config.get('acme', 'providers_ca'))
# these parameters only work in test
if 'unit-test' not in config.sections():