Remove dead code from acme support. (#11393)
1 files changed, 0 insertions, 50 deletions
diff --git a/synapse/config/tls.py b/synapse/config/tls.py
index 613faca658..21e5ddd15f 100644
--- a/synapse/config/tls.py
+++ b/synapse/config/tls.py
@@ -14,7 +14,6 @@
import logging
import os
-from datetime import datetime
from typing import List, Optional, Pattern
from OpenSSL import SSL, crypto
@@ -133,55 +132,6 @@ class TlsConfig(Config):
self.tls_certificate: Optional[crypto.X509] = None
self.tls_private_key: Optional[crypto.PKey] = None
- def is_disk_cert_valid(self, allow_self_signed=True):
- """
- Is the certificate we have on disk valid, and if so, for how long?
-
- Args:
- allow_self_signed (bool): Should we allow the certificate we
- read to be self signed?
-
- Returns:
- int: Days remaining of certificate validity.
- None: No certificate exists.
- """
- if not os.path.exists(self.tls_certificate_file):
- return None
-
- try:
- with open(self.tls_certificate_file, "rb") as f:
- cert_pem = f.read()
- except Exception as e:
- raise ConfigError(
- "Failed to read existing certificate file %s: %s"
- % (self.tls_certificate_file, e)
- )
-
- try:
- tls_certificate = crypto.load_certificate(crypto.FILETYPE_PEM, cert_pem)
- except Exception as e:
- raise ConfigError(
- "Failed to parse existing certificate file %s: %s"
- % (self.tls_certificate_file, e)
- )
-
- if not allow_self_signed:
- if tls_certificate.get_subject() == tls_certificate.get_issuer():
- raise ValueError(
- "TLS Certificate is self signed, and this is not permitted"
- )
-
- # YYYYMMDDhhmmssZ -- in UTC
- expiry_data = tls_certificate.get_notAfter()
- if expiry_data is None:
- raise ValueError(
- "TLS Certificate has no expiry date, and this is not permitted"
- )
- expires_on = datetime.strptime(expiry_data.decode("ascii"), "%Y%m%d%H%M%SZ")
- now = datetime.utcnow()
- days_remaining = (expires_on - now).days
- return days_remaining
-
def read_certificate_from_disk(self):
"""
Read the certificates and private key from disk.
|
