def wrapped(id): err=authenticated(groups) if err: return err path=ca._incoming+'/'+request.path.split('/')[3] print "certifying", path cert=ca.signcsr(load(path)) mailsigned([cert]) os.unlink(path) return redirect('/tlsauth/csrs/')
def wrapped(id): err = authenticated(groups) if err: return err path = ca._incoming + '/' + request.path.split('/')[3] print "certifying", path cert = ca.signcsr(load(path)) mailsigned([cert]) os.unlink(path) return redirect('/tlsauth/csrs/')
def certify(request, id): """ provides facility for users belonging to `groups` to sign incoming CSRs """ err = authenticated(request, settings.TLS_ADMINGROUPS) if err: return err path = settings.TLS_CA._incoming + "/" + request.path.split("/")[3] print "certifying", path cert = settings.TLS_CA.signcsr(load(path)) mailsigned([cert]) os.unlink(path) return HttpResponseRedirect("/tlsauth/csrs/")
def accept(self): """ provides facility for users belonging to `groups` to sign incoming CSRs """ email=authorized(self.environ, CONFIG['admins']) if not email: return _404(self.environ, self.resp) path=self.ca._incoming+'/'+self.environ.get('REQUEST_URI').split('/')[3] print "certifying", path cert=self.ca.signcsr(load(path)) mailsigned([cert]) os.unlink(path) status = '302 Found' response_headers = [('Location', '/settings/requests')] self.resp(status, response_headers) return []
def accept(self): """ provides facility for users belonging to `groups` to sign incoming CSRs """ email = authorized(self.environ, CONFIG['admins']) if not email: return _404(self.environ, self.resp) path = self.ca._incoming + '/' + self.environ.get('REQUEST_URI').split( '/')[3] print "certifying", path cert = self.ca.signcsr(load(path)) mailsigned([cert]) os.unlink(path) status = '302 Found' response_headers = [('Location', '/settings/requests')] self.resp(status, response_headers) return []
# "Have fun and respect", # {'emailAddress': '*****@*****.**', 'CN': 's', 'O': 'ctrlc'}, # ca.dn, # ext='p12') # this is the correct - but less automagic - procedure sec, pub, csr = genkeycsr('joe', '*****@*****.**', 'ACME Inc.') # send csr to CA, ca.submit(csr) # who the after diligent inspection either does cert = ca.signcsr(csr) print cert # or bulk processes multiple incoming CSRs certs = ca.signincoming() #print certs mailsigned(certs) # or uses the supplied signcert.sh script. The CA sends the resulting cert # ...back to the user who after calling pkcs12(sec, cert, ca._pub) print "dropped good pkcs12 cert" # imports both the result and ca._pub. # and stores sec, cert away in a # safe offline location. if os.path.exists('test-ca'): shutil.rmtree('test-ca')
# "copy and delete this mail and other copies containing it.\n\n" \ # "Have fun and respect", # {'emailAddress': '*****@*****.**', 'CN': 's', 'O': 'ctrlc'}, # ca.dn, # ext='p12') # this is the correct - but less automagic - procedure sec, pub, csr = genkeycsr('joe', '*****@*****.**', 'ACME Inc.') # send csr to CA, ca.submit(csr) # who the after diligent inspection either does cert=ca.signcsr(csr) print cert # or bulk processes multiple incoming CSRs certs=ca.signincoming() #print certs mailsigned(certs) # or uses the supplied signcert.sh script. The CA sends the resulting cert # ...back to the user who after calling pkcs12(sec,cert,ca._pub) print "dropped good pkcs12 cert" # imports both the result and ca._pub. # and stores sec, cert away in a # safe offline location. if os.path.exists('test-ca'): shutil.rmtree('test-ca')