def show_cert(self, certid=None): list = [] if certid: rawmode = False if "_" in certid and certid.split("_")[1] == "raw": rawmode = True certid = certid.split("_")[0] i=0 for cert in SSL.get_all_certificates(): if certid == cert['id']: i = 1 SSL.display_cert(cert['cert']) if rawmode: print crypto.dump_certificate(crypto.FILETYPE_PEM, cert['cert']) if i == 0: print "*** Certificate not found" else: for cert in SSL.get_all_certificates(): state = SSL.get_state_cert(cert['cert']) list.append((cert['id'], SSL.get_x509_name(cert['cert'].get_subject()), state)) Render.print_table(('ID', 'Subject', 'State'), list)
def do_revoke(self, line): if line: i=0 for cert in SSL.get_all_certificates(): if line == cert['id']: i = 1 print "Reason : " reasons = crypto.Revoked().all_reasons() for (k, v) in enumerate(reasons): print " %s: %s" % (k, v) res = raw_input("Select reason : ") if res.isdigit() and 0 <= int(res) < len(reasons): revoked = crypto.Revoked() revoked.set_reason(reasons[int(res)]) revoked.set_serial(hex(cert['cert'].get_serial_number())[2:-1]) revoked.set_rev_date(datetime.utcnow().strftime("%Y%m%d%H%M%S%Z")+"Z") SSL.add_revoked(revoked) else: print "*** Reason is not valid" if i == 0: print "*** Certificate not found" else: print "revoke <certid>"
def resigned_all_cert(self): for certhash in SSL.get_all_certificates(): cert_signed = SSL.sign(certhash['cert'], SSL.get_ca_privatekey(), Config().config.get("cert", "digest")) SSL.delete_cert(certhash['id']) SSL.set_cert(cert_signed)