Merge pull request #1220 from chenxiaolong/T4244

pki: eapol: T4244: Fix KeyError when CA cert name differs from client cert name

2 files changed, 2 insertions, 2 deletions

diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 365a28feb..18fb7f9f7 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -173,7 +173,7 @@ def verify_eapol(config):
             if ca_cert_name not in config['pki']['ca']:
                 raise ConfigError('Invalid CA certificate specified for EAPoL')
 
-            ca_cert = config['pki']['ca'][cert_name]
+            ca_cert = config['pki']['ca'][ca_cert_name]
 
             if 'certificate' not in ca_cert:
                 raise ConfigError('Invalid CA certificate specified for EAPoL')
diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py
index e7250fb49..ab8d58f81 100755
--- a/src/conf_mode/interfaces-ethernet.py
+++ b/src/conf_mode/interfaces-ethernet.py
@@ -165,7 +165,7 @@ def generate(ethernet):
         if 'ca_certificate' in ethernet['eapol']:
             ca_cert_file_path = os.path.join(cfg_dir, f'{ifname}_ca.pem')
             ca_cert_name = ethernet['eapol']['ca_certificate']
-            pki_ca_cert = ethernet['pki']['ca'][cert_name]
+            pki_ca_cert = ethernet['pki']['ca'][ca_cert_name]
 
             write_file(ca_cert_file_path,
                        wrap_certificate(pki_ca_cert['certificate']))