Python find_chain_with_issuer примеры использования

Пример #1

Файл: client.py Проект: trinopoty/certbot

    def obtain_certificate_from_csr(
        self,
        csr: util.CSR,
        orderr: Optional[messages.OrderResource] = None
    ) -> Tuple[bytes, bytes]:
        """Obtain certificate.

        :param .util.CSR csr: PEM-encoded Certificate Signing
            Request. The key used to generate this CSR can be different
            than `authkey`.
        :param acme.messages.OrderResource orderr: contains authzrs

        :returns: certificate and chain as PEM byte strings
        :rtype: tuple

        """
        if self.auth_handler is None:
            msg = ("Unable to obtain certificate because authenticator is "
                   "not set.")
            logger.error(msg)
            raise errors.Error(msg)
        if self.account is None or self.account.regr is None:
            raise errors.Error("Please register with the ACME server first.")
        if self.acme is None:
            raise errors.Error("ACME client is not set.")

        logger.debug("CSR: %s", csr)

        if orderr is None:
            orderr = self._get_order_and_authorizations(csr.data,
                                                        best_effort=False)

        deadline = datetime.datetime.now() + datetime.timedelta(
            seconds=self.config.issuance_timeout)

        logger.debug("Will poll for certificate issuance until %s", deadline)

        orderr = self.acme.finalize_order(
            orderr,
            deadline,
            fetch_alternative_chains=self.config.preferred_chain is not None)

        fullchain = orderr.fullchain_pem
        if self.config.preferred_chain and orderr.alternative_fullchains_pem:
            fullchain = crypto_util.find_chain_with_issuer(
                [fullchain] + orderr.alternative_fullchains_pem,
                self.config.preferred_chain, not self.config.dry_run)
        cert, chain = crypto_util.cert_and_chain_from_fullchain(fullchain)
        return cert.encode(), chain.encode()

Пример #2

Файл: acme_handlers.py Проект: jtschladen/lemur

    def extract_cert_and_chain(self,
                               fullchain_pem,
                               alternative_fullchains_pem,
                               preferred_issuer=None):

        if not preferred_issuer:
            preferred_issuer = current_app.config.get("ACME_PREFERRED_ISSUER",
                                                      None)
        if preferred_issuer:
            # returns first chain if not match
            fullchain_pem = acme_crypto_util.find_chain_with_issuer(
                [fullchain_pem] + alternative_fullchains_pem, preferred_issuer)

        pem_certificate = OpenSSL.crypto.dump_certificate(
            OpenSSL.crypto.FILETYPE_PEM,
            OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                            fullchain_pem),
        ).decode()

        pem_certificate_chain = fullchain_pem[len(pem_certificate):].lstrip()

        return pem_certificate, pem_certificate_chain

Пример #3

 def _call(cls, fullchains, issuer_cn, **kwargs):
     from certbot.crypto_util import find_chain_with_issuer
     return find_chain_with_issuer(fullchains, issuer_cn, kwargs)