def show_cert(self, certid=None):
list = []
if certid:
rawmode = False
if "_" in certid and certid.split("_")[1] == "raw":
rawmode = True
certid = certid.split("_")[0]
i=0
for cert in SSL.get_all_certificates():
if certid == cert['id']:
i = 1
SSL.display_cert(cert['cert'])
if rawmode:
print crypto.dump_certificate(crypto.FILETYPE_PEM, cert['cert'])
if i == 0:
print "*** Certificate not found"
else:
for cert in SSL.get_all_certificates():
state = SSL.get_state_cert(cert['cert'])
list.append((cert['id'], SSL.get_x509_name(cert['cert'].get_subject()), state))
Render.print_table(('ID', 'Subject', 'State'), list)
def do_revoke(self, line):
if line:
i=0
for cert in SSL.get_all_certificates():
if line == cert['id']:
i = 1
print "Reason : "
reasons = crypto.Revoked().all_reasons()
for (k, v) in enumerate(reasons):
print " %s: %s" % (k, v)
res = raw_input("Select reason : ")
if res.isdigit() and 0 <= int(res) < len(reasons):
revoked = crypto.Revoked()
revoked.set_reason(reasons[int(res)])
revoked.set_serial(hex(cert['cert'].get_serial_number())[2:-1])
revoked.set_rev_date(datetime.utcnow().strftime("%Y%m%d%H%M%S%Z")+"Z")
SSL.add_revoked(revoked)
else:
print "*** Reason is not valid"
if i == 0:
print "*** Certificate not found"
else:
print "revoke <certid>"
def resigned_all_cert(self):
for certhash in SSL.get_all_certificates():
cert_signed = SSL.sign(certhash['cert'], SSL.get_ca_privatekey(), Config().config.get("cert", "digest"))
SSL.delete_cert(certhash['id'])
SSL.set_cert(cert_signed)
