def createCertificate(self, request, name):
ttl = self.conf.getint('SSL', 'ttl')
digest = self.conf.get('SSL', 'digest')
cert_path = "%s.%s" % (name, CERTIFICATE_EXTENSION)
if exists(cert_path):
return crypto.load_certificate(crypto.FILETYPE_PEM,
open(cert_path, 'rb').read())
cert = ssl.createCertificate(request, (self.cacert, self.cakey), 1,
(0, ttl), digest)
open(cert_path, 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM,
cert))
return cert
def createCertificate(self, request, name):
ttl = self.conf.getint('SSL', 'ttl')
digest = self.conf.get('SSL', 'digest')
cert_path = "%s.%s" % (name, CERTIFICATE_EXTENSION)
if exists(cert_path):
return crypto.load_certificate(crypto.FILETYPE_PEM,
open(cert_path, 'rb').read())
cert = ssl.createCertificate(request, (self.cacert, self.cakey), 1,
(0, ttl), digest)
open(cert_path,
'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
return cert
def cacert(self):
if self._cacert is None:
ca_name = 'CA.%s' % CERTIFICATE_EXTENSION
if exists(ca_name):
with open(ca_name, 'rb') as caf:
cacert = crypto.load_certificate(crypto.FILETYPE_PEM,
caf.read())
else:
keys = dict([(key.upper(), value) for (key, value) in
self.conf.items('CA')])
careq = self.createCertRequest(self.cakey, keys)
ttl = self.conf.getint('SSL', 'ttl')
digest = self.conf.get('SSL', 'digest')
#FIXME Handle serial number
#FIXME Handle version
cacert = ssl.createCertificate(careq, (careq, self.cakey), 0,
(0, ttl), digest)
with open(ca_name, 'w') as certificate:
certificate.write(crypto.dump_certificate(
crypto.FILETYPE_PEM, cacert))
self._cacert = cacert
return self._cacert
def cacert(self):
if self._cacert is None:
ca_name = 'CA.%s' % CERTIFICATE_EXTENSION
if exists(ca_name):
with open(ca_name, 'rb') as caf:
cacert = crypto.load_certificate(crypto.FILETYPE_PEM,
caf.read())
else:
keys = dict([(key.upper(), value)
for (key, value) in self.conf.items('CA')])
careq = self.createCertRequest(self.cakey, keys)
ttl = self.conf.getint('SSL', 'ttl')
digest = self.conf.get('SSL', 'digest')
#FIXME Handle serial number
#FIXME Handle version
cacert = ssl.createCertificate(careq, (careq, self.cakey), 0,
(0, ttl), digest)
with open(ca_name, 'w') as certificate:
certificate.write(
crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))
self._cacert = cacert
return self._cacert
