private getTlsInfoFromUserProps()

in packages/aws-rfdk/lib/deadline/lib/render-queue.ts [920:957]

• 32 lines of code
• 7 McCabe index (conditional complexity)

  private getTlsInfoFromUserProps(externalTLS: RenderQueueExternalTLSProps, hostname: RenderQueueHostNameProps): TlsInfo {
    let serverCert: ICertificate;
    let certChain: ISecret;

    if ( (externalTLS.acmCertificate !== undefined ) &&
    (externalTLS.rfdkCertificate !== undefined) ) {
      throw new Error('Exactly one of externalTLS.acmCertificate and externalTLS.rfdkCertificate must be provided when using externalTLS.');
    }

    if (!hostname.hostname) {
      throw new Error('A hostname must be supplied if a certificate is supplied, '
        + 'with the common name of the certificate matching the hostname + domain name.');
    }

    const fullyQualifiedDomainName = this.generateFullyQualifiedDomainName(hostname.zone, hostname.hostname);

    if ( externalTLS.acmCertificate ) {
      if ( externalTLS.acmCertificateChain === undefined ) {
        throw new Error('externalTLS.acmCertificateChain must be provided when using externalTLS.acmCertificate.');
      }
      serverCert = externalTLS.acmCertificate;
      certChain = externalTLS.acmCertificateChain;

    } else { // Using externalTLS.rfdkCertificate
      if ( externalTLS.rfdkCertificate!.certChain === undefined ) {
        throw new Error('Provided rfdkCertificate does not contain a certificate chain.');
      }
      serverCert = new ImportedAcmCertificate( this, 'AcmCert', externalTLS.rfdkCertificate! );
      certChain = externalTLS.rfdkCertificate!.certChain;
    }

    return {
      domainZone: hostname.zone,
      fullyQualifiedDomainName,
      serverCert,
      certChain,
    };
  }