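def enroll(self, csr):
    """Enroll a certificate via MS certsrv.

    Args:
        csr: certificate signing request; it is passed through
            ``b64_url_recode`` and re-wrapped at 64 characters per line
            before being submitted.

    Returns:
        A 4-tuple ``(error, cert_bundle, cert_raw, None)``.
        ``error`` is ``None`` on success, otherwise a short message.
        ``cert_bundle`` is the issued certificate followed by the CA chain
        in PEM form. ``cert_raw`` is the issued certificate with the PEM
        armor and all newlines removed. The fourth element is always
        ``None``.
    """
    self.logger.debug('CAhandler.enroll({0})'.format(self.template))

    cert_bundle = None
    error = None
    cert_raw = None

    if self.host and self.user and self.password and self.template:
        # setup certsrv client
        # NOTE(review): self.ca_bundle is handed to Certsrv unchanged; confirm it
        # names a CA file so the connection carrying the credentials is verified.
        ca_server = Certsrv(self.host, self.user, self.password, self.auth_method, self.ca_bundle)

        # check connection and credentials before anything is submitted
        auth_check = self._check_credentials(ca_server)
        if auth_check:
            # recode csr
            csr = textwrap.fill(b64_url_recode(self.logger, csr), 64) + '\n'

            # get ca_chain
            # Exception, not BaseException: KeyboardInterrupt and SystemExit
            # must not be swallowed and turned into an error string.
            try:
                ca_pkcs7 = convert_byte_to_string(ca_server.get_chain(encoding='b64'))
                ca_pem = self._pkcs7_to_pem(ca_pkcs7)
            except Exception as err_:
                ca_pem = None
                self.logger.error('ca_server.get_chain() failed with error: {0}'.format(err_))

            # NOTE(review): the CSR is still submitted when the chain lookup
            # failed, so the CA may issue a certificate that is then reported
            # as 'cert bundling failed' - confirm this is intended.
            try:
                cert_raw = convert_byte_to_string(ca_server.get_cert(csr, self.template))
                # replace crlf with lf
                cert_raw = cert_raw.replace('\r\n', '\n')
            except Exception as err_:
                cert_raw = None
                self.logger.error('ca_server.get_cert() failed with error: {0}'.format(err_))

            if ca_pem and cert_raw:
                cert_bundle = cert_raw + ca_pem
                # reduce the certificate to its bare base64 body
                cert_raw = cert_raw.replace('-----BEGIN CERTIFICATE-----\n', '')
                cert_raw = cert_raw.replace('-----END CERTIFICATE-----\n', '')
                cert_raw = cert_raw.replace('\n', '')
            else:
                # cert_raw is returned untouched here (still PEM-armored if
                # get_cert succeeded); callers should check error first.
                self.logger.error('cert bundling failed')
                error = 'cert bundling failed'
        else:
            self.logger.error('Connection or Credentialcheck failed')
            error = 'Connection or Credentialcheck failed.'
    else:
        self.logger.error('Config incomplete')
        error = 'Config incomplete'

    self.logger.debug('Certificate.enroll() ended')
    return (error, cert_bundle, cert_raw, None)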
def enroll(self, csr):
    """Request a certificate from MS certsrv for the given CSR.

    Returns a 3-tuple ``(error, cert_bundle, cert_raw)``. ``error`` is
    ``None`` on success, otherwise a short message. ``cert_bundle`` is the
    issued certificate followed by the CA chain. ``cert_raw`` is the issued
    certificate with the PEM armor and newlines removed.

    Exceptions raised by ``get_chain()`` or ``get_cert()`` are not caught
    here and propagate to the caller.
    """
    self.logger.debug('CAhandler.enroll()')

    error = None
    cert_bundle = None
    cert_raw = None

    config_complete = self.host and self.user and self.password and self.template
    if not config_complete:
        error = 'Config incomplete'
    else:
        # setup certsrv client
        ca_server = Certsrv(self.host, self.user, self.password, self.auth_method, self.ca_bundle)

        # nothing is submitted unless connection and credentials check out
        if not ca_server.check_credentials():
            error = 'Connection or Credentialcheck failed.'
        else:
            # recode the csr and wrap it at 64 characters per line
            pem_request = textwrap.fill(b64_url_recode(self.logger, csr), 64) + '\n'

            # the chain is fetched before the certificate is requested
            ca_pem = ca_server.get_chain(encoding='b64')
            cert_raw = ca_server.get_cert(pem_request, self.template)

            if not cert_raw:
                error = 'Enrollment failed'
            else:
                cert_bundle = cert_raw + ca_pem
                # reduce the certificate to its bare base64 body
                for token in (
                    '-----BEGIN CERTIFICATE-----\n',
                    '-----END CERTIFICATE-----\n',
                    '\n',
                ):
                    cert_raw = cert_raw.replace(token, '')

    self.logger.debug('Certificate.enroll() ended')
    return (error, cert_bundle, cert_raw)