Since we are allowing customers to provide a cert, verify the cert with openssl verify.
Testing
Ran install script with an empty file, a self-signed TLS cert, and a copied valid cert. Script failed on first two and succeeded on next. Verified that, without this check, the ssm agent in task containers would also have issues in the first two cases and succeed on the latter.
Licensing
This contribution is under the terms of the Apache 2.0 License:
Summary
Since we are allowing customers to provide a cert, verify the cert with
openssl verify.Testing
Ran install script with an empty file, a self-signed TLS cert, and a copied valid cert. Script failed on first two and succeeded on next. Verified that, without this check, the ssm agent in task containers would also have issues in the first two cases and succeed on the latter.
Licensing
This contribution is under the terms of the Apache 2.0 License: