Esempio n. 1
def generate_certificate(cert_dir, uid, sid, role, email, cn, org, ca_cert=None):
    """Build a key, a certificate request and a signed certificate for a manager.

    When ``ca_cert`` is not supplied, the CA certificate is read from
    ``ca_cert.pem`` inside ``cert_dir``. A new RSA keypair is generated, a
    request carrying the given subject fields is created from it, and the
    request is signed through ``create_x509_cert(cert_dir, ...)``.

    Returns a dict with three entries: ``'ca_cert'`` (as passed in or as read
    from disk), ``'key'`` (the new private key dumped as PEM) and ``'cert'``
    (the value returned by ``create_x509_cert``).

    NOTE(review): ``dump_privatekey`` is called without a cipher or
    passphrase, so the ``'key'`` entry is presumably unencrypted PEM. Treat
    the returned dict as secret material: keep it out of logs and hand it on
    only over a protected channel.
    """
    # Fall back to the CA certificate stored in the certificate directory.
    if ca_cert is None:
        ca_cert_path = os.path.join(cert_dir, "ca_cert.pem")
        ca_cert = file_get_contents(ca_cert_path)

    # Fresh RSA keypair for this certificate.
    keypair = x509.gen_rsa_keypair()

    # Certificate request carrying the identity fields.
    request = x509.create_x509_req(
        keypair,
        userId=uid,
        serviceLocator=sid,
        O=org,
        emailAddress=email,
        CN=cn,
        role=role,
    )

    # Signing is delegated to create_x509_cert, which is given cert_dir.
    signed_cert = create_x509_cert(cert_dir, request)

    key_pem = crypto.dump_privatekey(crypto.FILETYPE_PEM, keypair)
    return {'ca_cert': ca_cert, 'key': key_pem, 'cert': signed_cert}
Esempio n. 2
def generate_certificate(cert_dir, uid, sid, role, email, cn, org,
                         ca_cert=None):
    """Create an x509 certificate for a manager, starting from a new key.

    Steps: load the CA certificate from ``cert_dir/ca_cert.pem`` unless one
    was passed in, generate an RSA keypair, build a certificate request with
    the supplied subject fields, and sign it via ``create_x509_cert``.

    The result is a dict holding the CA certificate (``'ca_cert'``), the new
    private key serialized as PEM (``'key'``) and the signed certificate as
    returned by ``create_x509_cert`` (``'cert'``).

    NOTE(review): no cipher or passphrase is given to ``dump_privatekey``, so
    the PEM under ``'key'`` is presumably unencrypted. Callers should not log
    or persist the returned dict without protecting that entry.
    """
    # Only touch the filesystem when the caller did not provide the CA cert.
    if ca_cert is None:
        ca_cert = file_get_contents(os.path.join(cert_dir, "ca_cert.pem"))

    bundle = {'ca_cert': ca_cert}

    # Key material and the request derived from it.
    manager_key = x509.gen_rsa_keypair()
    csr = x509.create_x509_req(manager_key, userId=uid, serviceLocator=sid,
                               O=org, emailAddress=email, CN=cn, role=role)

    # Have the request signed before serializing the private key.
    signed = create_x509_cert(cert_dir, csr)

    bundle['key'] = crypto.dump_privatekey(crypto.FILETYPE_PEM, manager_key)
    bundle['cert'] = signed
    return bundle
Esempio n. 3
else:
    # If DIRECTOR_URL does not exist, just trust platform.node()
    hostname = platform.node()

#try:
#    hostname = sys.argv[1]
#except IndexError:
#    hostname = rlinput('Please enter your host ip: ', hostname) 
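# create CA keypair
cakey = x509.gen_rsa_keypair()

# save ca_key.pem to filesystem
# This key is passed as issuer_key below, i.e. it is the CA signing key.
# Create the file owner-only (0600) instead of relying on the process umask,
# and close the handle deterministically.
ca_key_path = os.path.join(CERT_DIR, 'ca_key.pem')
ca_key_fd = os.open(ca_key_path,
                    os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
                    0o600)
with os.fdopen(ca_key_fd, 'w') as ca_key_file:
    # The mode given to os.open() only applies when the file is created;
    # tighten a pre-existing file before the key is written into it.
    os.chmod(ca_key_path, 0o600)
    ca_key_file.write(x509.key_as_pem(cakey))

# create cert request
req = x509.create_x509_req(cakey, CN='CA', emailAddress='*****@*****.**',
                           O='ConPaaS')

# Five 365-day years expressed in seconds (leap days are ignored).
five_years = 60 * 60 * 24 * 365 * 5

# create ca certificate, valid for five years
# The request is passed as its own issuer, so the CA certificate is signed
# with its own key.
# NOTE(review): not_before/not_after look like offsets in seconds from the
# time of creation -- confirm against x509.create_cert.
cacert = x509.create_cert(
    req=req,
    issuer_cert=req,
    issuer_key=cakey,
    # SystemRandom draws from the OS entropy source; the module-level
    # generator is a deterministic PRNG and not meant for values that end up
    # in certificates. sys.maxint exists on Python 2 only.
    serial=random.SystemRandom().randint(1, sys.maxint),
    not_before=0,
    not_after=five_years)

# save ca_cert.pem to filesystem
# The certificate is public, so default permissions are fine here.
with open(os.path.join(CERT_DIR, 'ca_cert.pem'), 'w') as ca_cert_file:
    ca_cert_file.write(x509.cert_as_pem(cacert))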
Esempio n. 4
    hostname = platform.node()

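# Prefer a hostname given as the first command-line argument; otherwise ask
# interactively, offering the value determined so far as the default.
try:
    hostname = sys.argv[1]
except IndexError:
    hostname = rlinput('Please enter your hostname: ', hostname)

# create CA keypair
cakey = x509.gen_rsa_keypair()

# save ca_key.pem to filesystem
# This key is passed as issuer_key below, i.e. it is the CA signing key.
# Create the file owner-only (0600) instead of relying on the process umask,
# and close the handle deterministically.
ca_key_path = os.path.join(CERT_DIR, 'ca_key.pem')
ca_key_fd = os.open(ca_key_path,
                    os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
                    0o600)
with os.fdopen(ca_key_fd, 'w') as ca_key_file:
    # The mode given to os.open() only applies when the file is created;
    # tighten a pre-existing file before the key is written into it.
    os.chmod(ca_key_path, 0o600)
    ca_key_file.write(x509.key_as_pem(cakey))

# create cert request
req = x509.create_x509_req(cakey,
                           CN='CA',
                           emailAddress='*****@*****.**',
                           O='ConPaaS')

# Five 365-day years expressed in seconds (leap days are ignored).
five_years = 60 * 60 * 24 * 365 * 5

# create ca certificate, valid for five years
# The request is passed as its own issuer, so the CA certificate is signed
# with its own key.
# NOTE(review): not_before/not_after look like offsets in seconds from the
# time of creation -- confirm against x509.create_cert.
cacert = x509.create_cert(req=req,
                          issuer_cert=req,
                          issuer_key=cakey,
                          # SystemRandom draws from the OS entropy source;
                          # the module-level generator is a deterministic
                          # PRNG and not meant for values that end up in
                          # certificates. sys.maxint is Python 2 only.
                          serial=random.SystemRandom().randint(1, sys.maxint),
                          not_before=0,
                          not_after=five_years)

# save ca_cert.pem to filesystem
# The certificate is public, so default permissions are fine here.
with open(os.path.join(CERT_DIR, 'ca_cert.pem'), 'w') as ca_cert_file:
    ca_cert_file.write(x509.cert_as_pem(cacert))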