From 6a6843414d6c0606da79cf37388441adc641e755 Mon Sep 17 00:00:00 2001
From: iromli <isman.firmansyah@gmail.com>
Date: Wed, 30 Dec 2020 23:42:34 +0700
Subject: [PATCH] fix(truststore): save certificate to truststore; fixes #6

---
 scripts/bootstrap.py | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/scripts/bootstrap.py b/scripts/bootstrap.py
index 2568f7f0..872c075a 100644
--- a/scripts/bootstrap.py
+++ b/scripts/bootstrap.py
@@ -11,7 +11,6 @@
 from jans.pycloudlib.persistence import sync_couchbase_truststore
 from jans.pycloudlib.persistence import sync_ldap_truststore
 from jans.pycloudlib.utils import cert_to_truststore
-from jans.pycloudlib.utils import get_server_certificate
 from jans.pycloudlib.utils import as_boolean
 
 manager = get_manager()
@@ -87,14 +86,11 @@ def main():
         render_hybrid_properties("/etc/jans/conf/jans-hybrid.properties")
 
     if not os.path.isfile("/etc/certs/web_https.crt"):
-        if as_boolean(os.environ.get("CN_SSL_CERT_FROM_SECRETS", False)):
-            manager.secret.to_file("ssl_cert", "/etc/certs/web_https.crt")
-        else:
-            get_server_certificate(manager.config.get("hostname"), 443, "/etc/certs/web_https.crt")
+        manager.secret.to_file("ssl_cert", "/etc/certs/web_https.crt")
 
     cert_to_truststore(
-        "jans_https",
-        "/etc/certs/jans_https.crt",
+        "web_https",
+        "/etc/certs/web_https.crt",
         "/usr/lib/jvm/default-jvm/jre/lib/security/cacerts",
         "changeit",
     )