fix self-signed-cert-validity parameter cannot be specified in the config file

2024-09-27 06:25:44 +00:00 · 2021-07-22 23:55:01 +08:00 · 2021-07-22 23:55:01 +08:00 · 627d91c89d
commit 627d91c89d
parent dfd2fea4c5
2 changed files with 7 additions and 2 deletions
--- a/etcd.conf.yml.sample
+++ b/etcd.conf.yml.sample
@ -125,6 +125,9 @@ peer-transport-security:
  # Peer TLS using generated certificates.
  auto-tls: false

+# The validity period of the self-signed certificate, the unit is year.
+self-signed-cert-validity: 1
+
 # Enable debug-level logging for etcd.
 log-level: debug

--- a/server/embed/config.go
+++ b/server/embed/config.go
@ -207,7 +207,7 @@ type Config struct {
 	// SelfSignedCertValidity specifies the validity period of the client and peer certificates
 	// that are automatically generated by etcd when you specify ClientAutoTLS and PeerAutoTLS,
 	// the unit is year, and the default is 1
-	SelfSignedCertValidity uint
+	SelfSignedCertValidity uint `json:"self-signed-cert-validity"`

 	// CipherSuites is a list of supported TLS cipher suites between
 	// client/server and peers. If empty, Go auto-populates the list.
@ -591,7 +591,9 @@ func (cfg *configYAML) configFromFile(path string) error {
 	copySecurityDetails(&cfg.PeerTLSInfo, &cfg.PeerSecurityJSON)
 	cfg.ClientAutoTLS = cfg.ClientSecurityJSON.AutoTLS
 	cfg.PeerAutoTLS = cfg.PeerSecurityJSON.AutoTLS
-
+	if cfg.SelfSignedCertValidity == 0 {
+		cfg.SelfSignedCertValidity = 1
+	}
 	return cfg.Validate()
 }