if cert_data["cat"] != "generated":
continue # Imported cert
with open(
os.path.join(ca_settings.CA_DIR,
cert_data["csr_filename"]), "r") as stream:
csr = stream.read()
profile = cert_data.get("profile", ca_settings.CA_DEFAULT_PROFILE)
c = Certificate(ca=loaded_cas[cert_data["ca"]],
csr=csr,
profile=profile)
with open(os.path.join(ca_settings.CA_DIR, cert_data["pub_filename"]),
"rb") as stream:
pem = stream.read()
c.update_certificate(
x509.load_pem_x509_certificate(pem, default_backend()))
c.save()
if cert_data["type"] == "ca":
password = cert_data.get("password")
if password is not None:
password = password.encode("utf-8")
c.generate_ocsp_key(password=password)
# create admin user for login
User.objects.create_superuser("user", "*****@*****.**", "nopass")
ok()
# create a chain file for the child
stream.write(nonce_req)
else:
# updating only contrib, so remove existing data
data = {}
# Load data from Sphinx files
if args.generate_contrib:
for filename in os.listdir(os.path.join(_sphinx_dir, "ca")):
name, _ext = os.path.splitext(filename)
with open(os.path.join(_sphinx_dir, "ca", filename), "rb") as stream:
pem = stream.read()
parsed = x509.load_pem_x509_certificate(pem, default_backend())
ca = CertificateAuthority(name=name)
ca.update_certificate(parsed)
update_contrib(data, ca, name, filename)
data[name]["type"] = "ca"
data[name]["pathlen"] = ca.pathlen
for filename in os.listdir(os.path.join(_sphinx_dir, "cert")):
name, _ext = os.path.splitext(filename)
contrib_ca = None
if name in data:
contrib_ca = name
name = "%s-cert" % name
with open(os.path.join(_sphinx_dir, "cert", filename), "rb") as stream: