From 05abf447803d585888f5202736741ca778f1b579 Mon Sep 17 00:00:00 2001
From: Matteo Valentini
Date: Fri, 13 Sep 2024 10:02:19 +0200
Subject: [PATCH 1/3] tests: verify custom certs are stored correctly
Ensure that certificates are stored in Redis using base64 encoding.
---
 tests/20_traefik_certificates_api.robot | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/tests/20_traefik_certificates_api.robot b/tests/20_traefik_certificates_api.robot
index 58b834b..7acffd6 100644
--- a/tests/20_traefik_certificates_api.robot
+++ b/tests/20_traefik_certificates_api.robot
@@ -75,6 +75,11 @@ Upload a custom certificate
 Should Be Equal As Integers ${response} 1
 ${response} = Execute Command redis-cli --raw HGET module/traefik1/certificate/test.example.com custom
 Should Be Equal As Strings ${response} true
+ # check if the certificate stored is base64 encoded
+ ${response} = Execute Command command=redis-cli HGET module/traefik1/certificate/test.example.com cert | base64 -d return_stdout=False return_rc=True
+ Should Be Equal As Integers ${response} 0
+ ${response} = Execute Command command=redis-cli HGET module/traefik1/certificate/test.example.com key | base64 -d return_stdout=False return_rc=True
+ Should Be Equal As Integers ${response} 0
 Delete custom certificate
 Run task module/traefik1/delete-certificate {"fqdn": "test.example.com"}
From 566fa503ff197a13cd377e39a060363ec8fb7c95 Mon Sep 17 00:00:00 2001
From: Matteo Valentini
Date: Fri, 13 Sep 2024 12:16:35 +0200
Subject: [PATCH 2/3] upload-certificate: fix cert format in Redis
Ensure certificates are stored in base64 format within the Redis DB.
---
 imageroot/actions/upload-certificate/23export_certificates | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/imageroot/actions/upload-certificate/23export_certificates b/imageroot/actions/upload-certificate/23export_certificates
index df2f25c..fff4e23 100755
--- a/imageroot/actions/upload-certificate/23export_certificates
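Review bot: The two added `base64 -d` checks in "Upload a custom certificate" can pass without any certificate or key being stored, because the return code is that of `base64 -d` alone and the empty reply for a missing `cert` or `key` field should still decode with rc 0. They also show only that the value is valid base64, not that it decodes to the uploaded material. Piping the decoded output into a parser makes the last command of the pipeline fail on empty or wrong content, e.g. `... cert | base64 -d | openssl x509 -noout` and `... key | base64 -d | openssl pkey -noout`, assuming openssl is available on the node under test. Keep `return_stdout=False` on both commands so the decoded private key is not captured as command output.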
+++ b/imageroot/actions/upload-certificate/23export_certificates
@@ -36,7 +36,7 @@ domain = subject.split("\n")[1].split("CN=")[1]
 # save the certificate and key in redis
 rdb = agent.redis_connect(privileged=True)
 rkey = f'module/{module_id}/certificate/{domain}'
-rdb.hset(rkey, mapping={"cert": cert, "key": key, "custom": "true"})
+rdb.hset(rkey, mapping={"cert": data["certFile"], "key": data["keyFile"], "custom": "true"})
 # signal the certificate-updated event
 event_key = f'module/{module_id}/event/certificate-updated'
From 16f9ad0e0efb5e15210c95eead1aa4e8c85e285f Mon Sep 17 00:00:00 2001
From: Matteo Valentini
Date: Fri, 13 Sep 2024 12:21:15 +0200
Subject: [PATCH 3/3] upload-certificate: fix event payload
---
 imageroot/actions/upload-certificate/23export_certificates | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/imageroot/actions/upload-certificate/23export_certificates b/imageroot/actions/upload-certificate/23export_certificates
index fff4e23..a390c88 100755
--- a/imageroot/actions/upload-certificate/23export_certificates
+++ b/imageroot/actions/upload-certificate/23export_certificates
@@ -31,11 +31,11 @@ result = subprocess.run(
 )
 subject = result.stdout
-domain = subject.split("\n")[1].split("CN=")[1]
+domain = {'main': subject.split("\n")[1].split("CN=")[1]}
 # save the certificate and key in redis
 rdb = agent.redis_connect(privileged=True)
-rkey = f'module/{module_id}/certificate/{domain}'
+rkey = f'module/{module_id}/certificate/{domain["main"]}'
 rdb.hset(rkey, mapping={"cert": data["certFile"], "key": data["keyFile"], "custom": "true"})
 # signal the certificate-updated event
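Review bot: The new `rdb.hset` call in the PATCH 2/3 hunk writes `data["certFile"]` and `data["keyFile"]` exactly as the caller sent them, so the stored strings are not necessarily the material that was validated earlier in the script (that code is outside this hunk). If the earlier decode is lenient, as Python's `base64.b64decode` is by default, input with stray characters or line breaks would be accepted here and then fail in a stricter consumer of the hash. Re-encoding the validated values gives one canonical form, e.g. `"cert": base64.b64encode(cert).decode()` and the same for `key`, assuming `cert` and `key` hold the decoded bytes and `base64` is imported. A comment above the call stating that both fields hold base64 text and that `key` is private key material would also help the next reader.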
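Review bot: In the PATCH 3/3 hunk, `domain["main"]` comes from the subject of an uploaded certificate via `subject.split("\n")[1].split("CN=")[1]` and goes unchecked into the Redis key on the `rkey` line. A certificate with no CN in its subject raises an IndexError at that line, and a CN containing `/`, whitespace or trailing attributes would produce a key outside the expected `module/{module_id}/certificate/FQDN` shape. Validating the value before it is used would close both cases, e.g. `if not re.fullmatch(r'[A-Za-z0-9*.-]+', domain["main"]): sys.exit(...)` wired to the script's usual error path, assuming `re` and `sys` are available in the file. The `subprocess.run` call that produces `subject` starts outside the hunk, so the exact output format should be confirmed there.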