removing ipsec reload upon cert *creation*, no point in doing it, we don't have the signed cert yet. we just risk breaking a working setup while being sure we won't get it working right away. the cron job, pulling the actual signed cert will be doing this part

2019-04-16 21:21:29 +00:00 · 2019-04-16 21:21:29 +00:00 · 182de8533f
parent 088830f07a
commit 182de8533f
1 changed files with 0 additions and 6 deletions
--- a/debian/wit-network-config.postinst
+++ b/debian/wit-network-config.postinst
@ -401,12 +401,6 @@ case "$1" in
 			* * * * * root  ip vrf exec mgmt curl --fail -so ${CRTFILE} ${CACURLURL}/certs/${CRTFILE##*/} 2>/dev/null && diff -s <(pki --keyid --type priv --in ${KEYFILE} 2>/dev/null) <(pki --keyid --type x509 --in ${CRTFILE} 2>/dev/null) >/dev/null && ipsec rereadall && ipsec rereadsecrets && ipsec purgecerts && ipsec purgecrls && ipsec reload && rm -f /etc/cron.d/wit-net-config-pull-signed-cert
 			## self delete after successfully pulling cert
 		EOF
-
-            ipsec rereadall
-            ipsec rereadsecrets
-            ipsec purgecerts
-            ipsec purgecrls
-            ipsec reload
        fi