def createCertificate(self, request, name): ttl = self.conf.getint('SSL', 'ttl') digest = self.conf.get('SSL', 'digest') cert_path = "%s.%s" % (name, CERTIFICATE_EXTENSION) if exists(cert_path): return crypto.load_certificate(crypto.FILETYPE_PEM, open(cert_path, 'rb').read()) cert = ssl.createCertificate(request, (self.cacert, self.cakey), 1, (0, ttl), digest) open(cert_path, 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) return cert
def cacert(self): if self._cacert is None: ca_name = 'CA.%s' % CERTIFICATE_EXTENSION if exists(ca_name): with open(ca_name, 'rb') as caf: cacert = crypto.load_certificate(crypto.FILETYPE_PEM, caf.read()) else: keys = dict([(key.upper(), value) for (key, value) in self.conf.items('CA')]) careq = self.createCertRequest(self.cakey, keys) ttl = self.conf.getint('SSL', 'ttl') digest = self.conf.get('SSL', 'digest') #FIXME Handle serial number #FIXME Handle version cacert = ssl.createCertificate(careq, (careq, self.cakey), 0, (0, ttl), digest) with open(ca_name, 'w') as certificate: certificate.write(crypto.dump_certificate( crypto.FILETYPE_PEM, cacert)) self._cacert = cacert return self._cacert
def cacert(self): if self._cacert is None: ca_name = 'CA.%s' % CERTIFICATE_EXTENSION if exists(ca_name): with open(ca_name, 'rb') as caf: cacert = crypto.load_certificate(crypto.FILETYPE_PEM, caf.read()) else: keys = dict([(key.upper(), value) for (key, value) in self.conf.items('CA')]) careq = self.createCertRequest(self.cakey, keys) ttl = self.conf.getint('SSL', 'ttl') digest = self.conf.get('SSL', 'digest') #FIXME Handle serial number #FIXME Handle version cacert = ssl.createCertificate(careq, (careq, self.cakey), 0, (0, ttl), digest) with open(ca_name, 'w') as certificate: certificate.write( crypto.dump_certificate(crypto.FILETYPE_PEM, cacert)) self._cacert = cacert return self._cacert