def _certificate_maintenance(self):
previous = PersistentDataObject(self)
previous.cert_config = None
previous.key_file = None
previous.server_cert = None
previous.cert_fingerprint = None
previous.load()
c = certificate.CertificateConfiguration(self)
config = {'C':self.country}
config['ST'] = self.state
config['L'] = self.city
config['O'] = self.organization
config['OU'] = self.organizational_unit
config['CN'] = self.common_name
config['emailAddress'] = self.email
c.configure(config)
cert_fingerprint = makecert.get_fingerprint(self.server_cert)
if previous.cert_fingerprint == cert_fingerprint:
msglog.log('broadway', msglog.types.INFO, 'Certificate Fingerprint Match!!!!' )
else:
msglog.log('broadway', msglog.types.INFO, 'Certificate Fingerprint Mismatch!!!!' )
if c == previous.cert_config and \
previous.key_file == self.key_file and \
previous.cert_fingerprint == cert_fingerprint and \
not certificate.is_outdated(self.server_cert):
msglog.log('broadway', msglog.types.INFO,
'Using existing certificate')
return
msglog.log('broadway', msglog.types.INFO, 'Generating new certificate')
filename = os.path.join(properties.TEMP_DIR, 'cert_config.tmp')
file = open(filename, 'w')
c.formatted_output_to_file(file)
try:
failed = 1
makecert.create_from_file(filename, self.key_file,
self.server_cert)
failed = 0
msglog.log('broadway', msglog.types.INFO,
'Certificate generated')
except:
msglog.exception()
msglog.log('broadway', msglog.types.WARN,
'Certificate generation failed')
file.close()
os.remove(filename)
if not failed:
previous.cert_config = c.configuration()
previous.key_file = self.key_file
previous.server_cert = self.server_cert
previous.cert_fingerprint = makecert.get_fingerprint(self.server_cert)
previous.save()
return
