QA: Retrieve only the RAPI certificate

The QA previously took in the entire certificate file, along with the
private key. As this is really not necessary, change it to be more
conservative.

Signed-off-by: Hrvoje Ribicic <riba@google.com>
Reviewed-by: Lisa Velden <velden@google.com>

diff --git a/qa/qa_rapi.py b/qa/qa_rapi.py
index 1c43e7a..807383e 100644 (file)
--- a/qa/qa_rapi.py
+++ b/qa/qa_rapi.py
@@ -132,7 +132,8 @@ def ReloadCertificates(ensure_presence=True):
   master = qa_config.GetMasterNode()
 
   # Load RAPI certificate from master node
-  cmd = ["cat", qa_utils.MakeNodePath(master, pathutils.RAPI_CERT_FILE)]
+  cmd = ["openssl", "x509", "-in",
+         qa_utils.MakeNodePath(master, pathutils.RAPI_CERT_FILE)]
 
   # Write to temporary file
   _rapi_ca = tempfile.NamedTemporaryFile()