diff --git a/CHANGELOG.md b/CHANGELOG.md index d33b665c4b..740fc3b727 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -132,6 +132,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - [#4393](https://github.com/apache/trafficcontrol/issues/4393) *Traffic Ops* Fixed the error code and alert structure when TO is queried for a delivery service with no ssl keys. - [#7590](https://github.com/apache/trafficcontrol/issues/7590) *Traffic Control Cache Config (t3c)* Fixed issue with git detected dubious ownership in repository. - [#7575](https://github.com/apache/trafficcontrol/pull/7575) *Traffic Ops* Fixes `types` v5 apis to respond with `RFC3339` date/time Format. +- [#7628](https://github.com/apache/trafficcontrol/pull/7628) *Traffic Ops* Fixes an issue where certificate chain validation failed based on leading or trailing whitespace. ### Removed - [#7271](https://github.com/apache/trafficcontrol/pull/7271) Remove components in `infrastructre/docker/`, not in use as cdn-in-a-box performs the same functionality. diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/keys.go b/traffic_ops/traffic_ops_golang/deliveryservice/keys.go index 65dce07d05..645ccae6e5 100644 --- a/traffic_ops/traffic_ops_golang/deliveryservice/keys.go +++ b/traffic_ops/traffic_ops_golang/deliveryservice/keys.go @@ -136,7 +136,7 @@ func AddSSLKeys(w http.ResponseWriter, r *http.Request) { return } - api.WriteResp(w, r, "Successfully added ssl keys for "+*req.DeliveryService) + api.WriteRespAlert(w, r, tc.SuccessLevel, "Successfully added ssl keys for "+*req.DeliveryService) } // GetSSlKeyExpirationInformation gets expiration information for all SSL certificates. @@ -539,6 +539,8 @@ func verifyCertKeyPair(pemCertificate string, pemPrivateKey string, rootCA strin block := &pem.Block{Type: "CERTIFICATE", Bytes: link.Raw} pemEncodedChain += string(pem.EncodeToMemory(block)) } + pemCertificate = strings.TrimSpace(pemCertificate) + pemEncodedChain = strings.TrimSpace(pemEncodedChain) if len(pemEncodedChain) < 1 { return "", "", false, false, false, errors.New("invalid empty certificate chain in request")