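def create_minion_keys(hostname=None, ca_name=''):
    """Make sure this minion has a local key file and CSR for the chosen CA.

    Nothing is created when both the host certificate and ``ca.cert`` already
    exist in the CA's ``cert_dir``. Otherwise the directory, the key file and
    the CSR file are created as needed; files that already exist are reused.

    Args:
        hostname: Name used to build the key/CSR/cert file names. When None,
            ``get_hostname()`` is consulted instead. The name is lowercased.
        ca_name: Key looked up in ``config.ca`` to select the cert authority.

    Raises:
        codes.CMException: if ``ca_name`` is not configured, no hostname can
            be determined, the hostname cannot be used safely as a file name,
            or creating the keypair/CSR fails.
    """
    log = logger.Logger().logger  # not referenced again in this block

    # FIXME: paths should not be hard coded here, move to settings universally
    config_file = '/etc/certmaster/minion.conf'
    config = read_config(config_file, MinionConfig)

    try:
        certauth = config.ca[ca_name]
    except Exception:
        # Exception rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not reported as an unknown cert authority.
        raise codes.CMException("Unknown cert authority: %s" % ca_name)

    cert_dir = certauth.cert_dir
    # NOTE(review): the scheme is plain http://, so whatever is later sent to
    # or fetched from this URI has no transport-level integrity or server
    # authentication unless that is added elsewhere -- confirm. The value is
    # not used again in this block.
    master_uri = 'http://%s:%s/' % (config.certmaster, config.certmaster_port)

    hn = hostname
    if hn is None:
        hn = get_hostname()
    if hn is None:
        raise codes.CMException("Could not determine a hostname other than localhost")
    # use lowercase letters for hostnames
    hn = hn.lower()

    # hn is interpolated into file paths below. Refuse path separators and
    # NUL so a caller-supplied name cannot make the key or CSR land outside
    # cert_dir.
    if '/' in hn or os.sep in hn or '\0' in hn:
        raise codes.CMException("Invalid hostname: %r" % hn)

    key_file = '%s/%s.pem' % (cert_dir, hn)
    csr_file = '%s/%s.csr' % (cert_dir, hn)
    cert_file = '%s/%s.cert' % (cert_dir, hn)
    ca_cert_file = '%s/ca.cert' % cert_dir

    # Both the host certificate and the CA certificate are already on disk:
    # there is nothing left to generate.
    if os.path.exists(cert_file) and os.path.exists(ca_cert_file):
        return

    keypair = None
    try:
        if not os.path.exists(cert_dir):
            # NOTE(review): created with the default mode (subject to umask)
            # and it will hold the file written by make_keypair -- confirm
            # that directory and key file permissions are restricted by
            # certs.make_keypair or by deployment.
            os.makedirs(cert_dir)
        if not os.path.exists(key_file):
            keypair = certs.make_keypair(dest=key_file)
        if not os.path.exists(csr_file):
            # A key file that already existed has to be loaded before a CSR
            # can be built from it.
            if not keypair:
                keypair = certs.retrieve_key_from_file(key_file)
            certs.make_csr(keypair, dest=csr_file, hostname=hn)
    except Exception:
        # The underlying error is only printed; callers see the generic
        # CMException below.
        traceback.print_exc()
        raise codes.CMException("Could not create local keypair or csr for session")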
def create_minion_keys():
    """Create this host's local key file and CSR when they are missing.

    Configuration is read from ``/etc/certmaster/minion.conf``. The function
    returns without touching anything when both ``<hostname>.cert`` and
    ``ca.cert`` are already present in ``config.cert_dir``; otherwise it
    creates the directory, key file and CSR file that do not exist yet.

    Raises:
        codes.CMException: if ``get_hostname()`` returns None, or if any step
            of creating the directory, keypair or CSR raises.
    """
    # FIXME: paths should not be hard coded here, move to settings universally
    config = read_config('/etc/certmaster/minion.conf', MinionConfig)
    cert_dir = config.cert_dir
    # NOTE(review): the scheme is plain http://, so whatever is later sent to
    # or fetched from this URI has no transport-level integrity or server
    # authentication unless that is added elsewhere -- confirm. The value is
    # not used again in this block.
    master_uri = 'http://%s:%s/' % (config.certmaster, config.certmaster_port)

    host = get_hostname()
    if host is None:
        raise codes.CMException("Could not determine a hostname other than localhost")

    # NOTE(review): host goes into the file paths exactly as get_hostname()
    # returned it; presumably a plain host name -- confirm it can never
    # contain a path separator.
    host_base = '%s/%s' % (cert_dir, host)
    key_file = host_base + '.pem'
    csr_file = host_base + '.csr'
    cert_file = host_base + '.cert'
    ca_cert_file = '%s/ca.cert' % cert_dir

    # Host certificate and CA certificate both on disk: nothing to generate.
    already_issued = os.path.exists(cert_file) and os.path.exists(ca_cert_file)
    if already_issued:
        return

    try:
        if not os.path.exists(cert_dir):
            # NOTE(review): created with the default mode (subject to umask)
            # and it will hold the file written by make_keypair -- confirm
            # that directory and key file permissions are restricted by
            # certs.make_keypair or by deployment.
            os.makedirs(cert_dir)

        keypair = None
        if not os.path.exists(key_file):
            keypair = certs.make_keypair(dest=key_file)

        if not os.path.exists(csr_file):
            # Reuse the key made just above, else load the one already on disk.
            keypair = keypair or certs.retrieve_key_from_file(key_file)
            certs.make_csr(keypair, dest=csr_file)
    except Exception:
        # The underlying error is only printed; callers see the generic
        # CMException below.
        traceback.print_exc()
        raise codes.CMException("Could not create local keypair or csr for session")