commit 32ee70e89ef10dec03df2c34652e2dbaed814689
author chojoyce <chojoyce@google.com> Fri Feb 11 12:39:53 2022 +0800
committer JOYCE CHO <chojoyce@google.com> Fri Feb 11 08:43:04 2022 +0000
tree 7c0f45a25c97d65dab91ebccca2a00847e09e57f
parent 3db482482e586ffa5094bcf9bf19020823631825

Removes existing certificates when run mkcert install.

To avoid generating a wrong certificate chain (once previous mkcert generated certificates exist).

Bug: 214337220
Test: acloud create
Change-Id: I0e058c3612fe77c36d6a3faec9b2fbfbd5facb08

setup/mkcert.py

diff --git a/setup/mkcert.py b/setup/mkcert.py
index 49a8fe3..42636b4 100644
--- a/setup/mkcert.py
+++ b/setup/mkcert.py
@@ -21,6 +21,7 @@
 import logging
 import os
 import platform
+import shutil
 
 from acloud.internal import constants
 from acloud.internal.lib import utils
@@ -81,18 +82,17 @@
     Returns:
         True when the Root SSL Certificates are generated and setup.
     """
-    if not os.path.isdir(_CERT_DIR):
-        os.mkdir(_CERT_DIR)
+    if os.path.isdir(_CERT_DIR):
+        shutil.rmtree(_CERT_DIR)
+    os.mkdir(_CERT_DIR)
 
     if os.path.exists(_TRUST_CA_PATH):
         UnInstall()
 
-    if not os.path.exists(_CA_KEY_PATH) or not os.path.exists(_CA_CRT_PATH):
-        utils.Popen(_CA_CMD, shell=True)
-    if not os.path.exists(_TRUST_CA_PATH):
-        utils.Popen(_TRUST_CA_COPY_CMD, shell=True)
-        utils.Popen(_UPDATE_TRUST_CA_CMD, shell=True)
-        utils.Popen(_TRUST_CHROME_CMD, shell=True)
+    utils.Popen(_CA_CMD, shell=True)
+    utils.Popen(_TRUST_CA_COPY_CMD, shell=True)
+    utils.Popen(_UPDATE_TRUST_CA_CMD, shell=True)
+    utils.Popen(_TRUST_CHROME_CMD, shell=True)
 
     return IsRootCAReady()