def revoke_certificate(self, cert_id, delete=False):
cert_db = Certificate.query.get(cert_id)
order_db = Order.query.get(cert_db.order_id)
if cert_db.status == 'revoked':
status = "This certificate is already revoked"
print(status)
return False, status
certificate = crypto.load_pem_certificate(cert_db.body.encode('ASCII'))
print("Revoking certificate for:")
for domain in crypto.get_certificate_domains(certificate):
print(" {}".format(domain))
certificate = crypto.load_cert_for_revoke(cert_db.body.encode('ASCII'))
try:
self.client.revoke(certificate, 0)
print("Certificate {} revoked.".format(cert_db.id))
order_db.status = 'revoked'
cert_db.status = 'revoked'
if delete:
print("Deleting certificate from database")
database.delete(cert_db)
order_db.resolved_cert_id = None
else:
database.add(cert_db)
database.add(order_db)
status = 'Revoked'
print(status)
return True, status
except IOError:
status = "Revoke failed"
print(status)
return False, status
def revoke_certificate(account_id: int, cert_id: int, delete: bool = False):
account = Account.query.get(account_id)
cert_db = Certificate.query.get(cert_id)
if cert_db:
order_db = Order.query.get(cert_db.order_id)
if cert_db.status == 'revoked':
if delete:
database.delete(cert_db)
order_db.resolved_cert_id = None
database.add(order_db)
status = "Deleted already revoked certificate"
print(status)
return True, status
status = "This certificate is already revoked"
print(status)
return False, status
if order_db.account_id != account_id:
status = "This certificate does not belong to this account"
print(status)
return False, status
acme = AcmeDnsHandler(account.id)
return acme.revoke_certificate(cert_id, delete)
else:
status = "Certificate with id: {} does not exist".format(cert_id)
print(status)
return False, status
def deregister(user_id:int, account_id: int):
account = Account.query.get(account_id)
if account.user_id != user_id:
print("This account does not belong to this user")
return False, account_id
print("Deleting ACME account and revoking all certificates associated with it")
orders = database.get_all(Order, account_id, 'account_id')
for order in orders:
if order.resolved_cert_id:
revoke_certificate(account_id, order.resolved_cert_id)
print("Deregistering acme account with email: {}".format(account.email))
acme = AcmeDnsHandler(account.id)
if acme.deregister_acme_account():
database.delete(account)
print("Done")
return True, account_id
def delete(self):
database.delete(self)
return self