Skip to content

Commit ecc1d12

Browse files
🐛 [open-formulieren/open-forms#5136] Use next certificate in eh service catalog when it's available
If a next certificate is configured, scheduled to replace the (expiring) current certificate, use that in favour of the current certificate when genering the service catalogue metadata.
1 parent 41efbd2 commit ecc1d12

File tree

2 files changed

+3
-1
lines changed

2 files changed

+3
-1
lines changed

digid_eherkenning/saml2/eherkenning.py

+2-1
Original file line numberDiff line numberDiff line change
@@ -329,7 +329,8 @@ def create_service_catalogus(conf: EHerkenningConfig, validate: bool = True) ->
329329
"""
330330
https://afsprakenstelsel.etoegang.nl/display/as/Service+catalog
331331
"""
332-
with conf["cert_file"].open("rb") as cert_file:
332+
cert_file = conf["next_cert_file"] or conf["cert_file"]
333+
with cert_file.open("rb") as cert_file:
333334
x509_certificate_content: bytes = cert_file.read()
334335

335336
sc_id = str(uuid4())

digid_eherkenning/types.py

+1
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ class EHerkenningConfig(TypedDict):
3838
entity_id: str
3939
metadata_file: str
4040
cert_file: Path | FieldFile
41+
next_cert_file: Path | FieldFile | None
4142
key_file: Path | FieldFile
4243
service_entity_id: str
4344
oin: str

0 commit comments

Comments
 (0)