From: Redouane Kachach <rkachach@ibm.com>
Date: Wed, 11 Jun 2025 13:46:51 +0000 (+0200)
Subject: mgr/cepahdm: adapting node-proxy service to use the new cert mgmt
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=faccf7984e1cc5bc3bb90c004cb1b022ddcdee12;p=ceph.git

mgr/cepahdm: adapting node-proxy service to use the new cert mgmt

Signed-off-by: Redouane Kachach <rkachach@ibm.com>
---

diff --git a/src/pybind/mgr/cephadm/services/node_proxy.py b/src/pybind/mgr/cephadm/services/node_proxy.py
index 3547b14bdb4e..299a606c58b7 100644
--- a/src/pybind/mgr/cephadm/services/node_proxy.py
+++ b/src/pybind/mgr/cephadm/services/node_proxy.py
@@ -58,15 +58,15 @@ class NodeProxy(CephService):
             raise OrchestratorError(
                 'Cannot deploy node-proxy daemons until cephadm endpoint has finished generating certs')
 
-        listener_cert, listener_key = self.mgr.cert_mgr.generate_cert(daemon_spec.host, self.mgr.inventory.get_addr(daemon_spec.host))
+        tls_pair = self.get_certificates(daemon_spec)
         cfg = {
             'target_ip': self.mgr.get_mgr_ip(),
             'target_port': self.agent_endpoint.server_port,
             'name': f'node-proxy.{daemon_spec.host}',
             'keyring': daemon_spec.keyring,
             'root_cert.pem': self.mgr.cert_mgr.get_root_ca(),
-            'listener.crt': listener_cert,
-            'listener.key': listener_key,
+            'listener.crt': tls_pair.cert,
+            'listener.key': tls_pair.key,
         }
         config = {'node-proxy.json': json.dumps(cfg)}