def on_treeview_checked_changed(self, path):
if path and path.endswith(".csr"):
tdw = TextDisplayWindow(self.path)
cert = crypto.load_certificate_request(crypto.FILETYPE_PEM, Shell.command.read_file(path))
help_array = []
if cert.get_subject().organizationName:
help_array.append( ["Organisation:", cert.get_subject().organizationName] )
if cert.get_subject().organizationalUnitName:
help_array.append( ["Organisation Unit:", cert.get_subject().organizationalUnitName] )
if cert.get_subject().localityName:
help_array.append( ["Locality:", cert.get_subject().localityName] )
if cert.get_subject().stateOrProvinceName:
help_array.append( ["State:", cert.get_subject().stateOrProvinceName] )
if cert.get_subject().countryName:
help_array.append( ["Country:", cert.get_subject().countryName] )
help_array.append( ["Domain:", cert.get_subject().commonName] )
text = "<big><b>SSL Certificate Request</b></big>\nYou will need to send this certificate request, proof of your company's identity, and payment to a Certificate Authority (CA). The CA verifies the certificate request and your identity, and then sends back a certificate for your secure server."
tdw.load(text,help_array, path)
tdw.run()
elif not path or path.endswith(".crt"):
result = gtk.RESPONSE_OK
if path:
tdw = TextDisplayWindow(self.path)
cert = crypto.load_certificate(crypto.FILETYPE_PEM, Shell.command.read_file(path))
expired = self.get_expiry_date_hack(cert, path)
start = self.get_start_date_hack(cert, path)
status = "Valid"
if cert.has_expired(): status = "Expired"
text = "<big><b>SSL Certificate for <i>%s</i></b></big>" % (cert.get_subject().commonName )
help_array = []
help_array.append( ["Status:", status ] )
help_array.append( ["Domain:", cert.get_subject().commonName ] )
help_array.append( ["Serial:", cert.get_serial_number() ] )
help_array.append( ["Starts:", start] )
help_array.append( ["Expires:", expired] )
if cert.get_subject().organizationName:
help_array.append( ["Organisation:", cert.get_subject().organizationName] )
if cert.get_subject().organizationalUnitName:
help_array.append( ["Organisation Unit:", cert.get_subject().organizationalUnitName] )
if cert.get_subject().localityName:
help_array.append( ["Locality:", cert.get_subject().localityName] )
if cert.get_subject().stateOrProvinceName:
help_array.append( ["State:", cert.get_subject().stateOrProvinceName] )
if cert.get_subject().countryName:
help_array.append( ["Country:", cert.get_subject().countryName] )
#help_array.append( ["Domain:", cert.get_subject().commonName] )
help_array.append( ["Issued by:", cert.get_issuer().commonName] )
tdw.load( "SSL Certificate Details", text, help_array, path, True, self.active_cert != path)
result = tdw.run()
if result == gtk.RESPONSE_OK:
md = gtk.MessageDialog(None, flags=0, type=gtk.MESSAGE_QUESTION, buttons=gtk.BUTTONS_YES_NO, message_format="Are you sure you want to change the active SSL certificate?")
result = md.run()
md.destroy()
if result == gtk.RESPONSE_YES:
self.update_active_cert(path)
self.update_treeview()
def on_treeview_checked_changed(self, path):
if path and path.endswith(".csr"):
tdw = TextDisplayWindow(self.path)
cert = crypto.load_certificate_request(
crypto.FILETYPE_PEM, Shell.command.read_file(path))
help_array = []
if cert.get_subject().organizationName:
help_array.append(
["Organisation:",
cert.get_subject().organizationName])
if cert.get_subject().organizationalUnitName:
help_array.append([
"Organisation Unit:",
cert.get_subject().organizationalUnitName
])
if cert.get_subject().localityName:
help_array.append(
["Locality:", cert.get_subject().localityName])
if cert.get_subject().stateOrProvinceName:
help_array.append(
["State:",
cert.get_subject().stateOrProvinceName])
if cert.get_subject().countryName:
help_array.append(["Country:", cert.get_subject().countryName])
help_array.append(["Domain:", cert.get_subject().commonName])
text = "<big><b>SSL Certificate Request</b></big>\nYou will need to send this certificate request, proof of your company's identity, and payment to a Certificate Authority (CA). The CA verifies the certificate request and your identity, and then sends back a certificate for your secure server."
tdw.load(text, help_array, path)
tdw.run()
elif not path or path.endswith(".crt"):
result = gtk.RESPONSE_OK
if path:
tdw = TextDisplayWindow(self.path)
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
Shell.command.read_file(path))
expired = self.get_expiry_date_hack(cert, path)
start = self.get_start_date_hack(cert, path)
status = "Valid"
if cert.has_expired(): status = "Expired"
text = "<big><b>SSL Certificate for <i>%s</i></b></big>" % (
cert.get_subject().commonName)
help_array = []
help_array.append(["Status:", status])
help_array.append(["Domain:", cert.get_subject().commonName])
help_array.append(["Serial:", cert.get_serial_number()])
help_array.append(["Starts:", start])
help_array.append(["Expires:", expired])
if cert.get_subject().organizationName:
help_array.append(
["Organisation:",
cert.get_subject().organizationName])
if cert.get_subject().organizationalUnitName:
help_array.append([
"Organisation Unit:",
cert.get_subject().organizationalUnitName
])
if cert.get_subject().localityName:
help_array.append(
["Locality:",
cert.get_subject().localityName])
if cert.get_subject().stateOrProvinceName:
help_array.append(
["State:",
cert.get_subject().stateOrProvinceName])
if cert.get_subject().countryName:
help_array.append(
["Country:",
cert.get_subject().countryName])
#help_array.append( ["Domain:", cert.get_subject().commonName] )
help_array.append(["Issued by:", cert.get_issuer().commonName])
tdw.load("SSL Certificate Details", text, help_array, path,
True, self.active_cert != path)
result = tdw.run()
if result == gtk.RESPONSE_OK:
md = gtk.MessageDialog(
None,
flags=0,
type=gtk.MESSAGE_QUESTION,
buttons=gtk.BUTTONS_YES_NO,
message_format=
"Are you sure you want to change the active SSL certificate?"
)
result = md.run()
md.destroy()
if result == gtk.RESPONSE_YES:
self.update_active_cert(path)
self.update_treeview()
def generate_certificate_request(self):
# http://www.iaeste.or.at/doc/pyopenssl-doc/examples/
# Generate a key for the vhost
self.cert = None
timestamp = time.strftime( "%y-%m-%d %H:%M:%S", time.localtime() )
privatekey_path = self.key
certreq_path = os.path.join("/etc/apache2/ssl/", self.combobox_domain.get_active_text() + '.csr')
cert_path = os.path.join("/etc/apache2/ssl/", self.combobox_domain.get_active_text() + ' ' + timestamp +'.crt')
pkey = crypto.PKey()
print "Private key : " + privatekey_path
if not Shell.command.sudo_exists(privatekey_path):
pkey.generate_key(crypto.TYPE_RSA, 1024)
Shell.command.write_file( privatekey_path, crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey), False)
else:
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, Shell.command.sudo_read_file(privatekey_path))
req = crypto.X509Req()
subj = req.get_subject()
setattr(subj, "CN", self.combobox_domain.get_active_text())
setattr(subj, "C", country_codes[self.combobox_country.get_active_text()])
if self.entry_city.get_text():
setattr(subj, "L", self.entry_city.get_text())
if self.entry_organisation.get_text():
setattr(subj, "O", self.entry_organisation.get_text())
if self.entry_organisation_unit.get_text():
setattr(subj, "OU", self.entry_organisation_unit.get_text())
if self.entry_state.get_text():
setattr(subj, "ST", self.entry_state.get_text())
req.set_pubkey(pkey)
req.sign(pkey, "md5")
print "Created cert " + certreq_path
Shell.command.write_file( certreq_path, crypto.dump_certificate_request(crypto.FILETYPE_PEM, req))
if self.checkbutton_self_sign.get_active():
cert = crypto.X509()
cert.set_serial_number( int(time.strftime("%m%d%H%M%S", time.localtime())) )
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(60*60*24*365*5) # five years
cert.set_issuer(req.get_subject())
cert.set_subject(req.get_subject())
cert.set_pubkey(req.get_pubkey())
cert.sign(pkey, "md5")
print "Created cert " + cert_path
Shell.command.write_file( cert_path, crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
self.cert = cert_path
else:
tdw = TextDisplayWindow(self.glade_path)
help_array = []
if req.get_subject().organizationName:
help_array.append( ["Organisation:", req.get_subject().organizationName] )
if req.get_subject().organizationalUnitName:
help_array.append( ["Organisation Unit:", req.get_subject().organizationalUnitName] )
if req.get_subject().localityName:
help_array.append( ["Locality:", req.get_subject().localityName] )
if req.get_subject().stateOrProvinceName:
help_array.append( ["State:", req.get_subject().stateOrProvinceName] )
if req.get_subject().countryName:
help_array.append( ["Country:", req.get_subject().countryName] )
help_array.append( ["Domain:", req.get_subject().commonName] )
tdw.load( "SSL Certificate Request", "<big><b>SSL Certificate Request</b></big>\n\nYou will need to send this certificate request, proof of your company's identity, and payment to a Certificate Authority (CA).\n\nThe CA verifies the certificate request and your identity, and then sends back a certificate for your secure server.", help_array, certreq_path)
self.window.hide()
tdw.run()
return