diff --git a/src/storage/kubernetes.rs b/src/storage/kubernetes.rs
index ca37828..c0107bf 100644
--- a/src/storage/kubernetes.rs
+++ b/src/storage/kubernetes.rs
@@ -14,6 +14,7 @@ const DOWNWARD_API_ENV: &str = "POD_NAMESPACE";
 const DOWNWARD_API_FILE: &str = "/var/run/secrets/kubernetes.io/serviceaccount/namespace";
 const SECRET_CERT: &str = "cert";
+const SECRET_CERT_WITH_CA: &str = "cert_with_ca";
 const SECRET_KEY: &str = "key";
 const SECRET_CHAIN: &str = "chain";
 const SECRET_CA: &str = "ca";
@@ -122,10 +123,18 @@ impl Storage for KubernetesStorage {
 certificate: &[u8],
 key: &[u8],
 ) -> Result<(), Box> {
+ let (mut ca, _) = self.get_ca().await?;
 self.modify_secret(|secret| {
 let data = secret.data.get_or_insert_with(BTreeMap::default);
 data.insert(SECRET_CERT.to_string(), ByteString(certificate.to_vec()));
 data.insert(SECRET_KEY.to_string(), ByteString(key.to_vec()));
+
+ let mut total = Vec::new();
+ let mut certificate = certificate.to_vec();
+ total.append(&mut certificate);
+ total.append(&mut ca);
+
+ data.insert(SECRET_CERT_WITH_CA.to_string(), ByteString(total));
 })
 .await?;
diff --git a/src/storage/local.rs b/src/storage/local.rs
index f1c91bd..c734085 100644
--- a/src/storage/local.rs
+++ b/src/storage/local.rs
@@ -46,11 +46,17 @@ impl Storage for LocalStorage {
 certificate: &[u8],
 key: &[u8],
 ) -> Result<(), Box> {
+ let (ca, _) = self.get_ca().await?;
 let cert_path = Path::new(LOCAL_DATA_PATH).join("cert.crt");
+ let mut cert_with_ca =
+ File::create(Path::new(LOCAL_DATA_PATH).join("cert_with_ca.crt")).await?;
 let key_path = Path::new(LOCAL_DATA_PATH).join("cert.key");
 write(cert_path, certificate).await?;
 write(key_path, key).await?;
+ cert_with_ca.write_all(certificate).await?;
+ cert_with_ca.write_all(ca.as_slice()).await?;
+
 Ok(())
 }
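Review bot: `total.append(&mut ca)` inside the `modify_secret` closure moves the bytes out of `ca` and leaves it empty, so if `modify_secret` ever runs the closure more than once (its body is not visible here; a retry on an update conflict would do it) the second pass stores `cert_with_ca` without the CA. Building the bundle without mutation avoids that and the shadowed `certificate`: `let total = [certificate, ca.as_slice()].concat();`, with `let (ca, _) = self.get_ca().await?;` above it. If these are PEM blobs, the concatenation also relies on `certificate` ending in a newline, otherwise the END and BEGIN markers fuse and consumers reject the bundle; the same applies to the `cert_with_ca.crt` write in `src/storage/local.rs`. It is worth confirming that the first element returned by `get_ca()` is the CA certificate and not its private key, since this value is stored alongside the leaf certificate for consumers to read. The enclosing function starts and ends outside the hunk.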
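Review bot: `cert_with_ca.crt` is created, and so truncated, before the certificate and key are written, and the two `write_all` calls are never followed by a flush, so a failure part-way through leaves an empty or partial bundle next to a valid `cert.crt`. If `File` is tokio's (the import is outside the hunk), buffered data and late write errors can also be lost when the handle is dropped without `flush().await`. Using the same `write` helper as the other two files removes both problems and keeps the three outputs consistent: `write(Path::new(LOCAL_DATA_PATH).join("cert_with_ca.crt"), [certificate, ca.as_slice()].concat()).await?;`. The function signature lies outside the hunk.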