def retrieveCAChain():
if not os.path.isfile(conf.certsDir + "/ca.crt"):
try:
rawCrt = certUtils.retrieveCAChain(conf.EJBCA_API_URL, conf.CAName)
certUtils.saveCRT(conf.certsDir + "/ca.crt", rawCrt)
print("CA certificates retrieved")
except KeyError:
print "Invalid answer returned from EJBCA."
exit(-1)
def askCertSign(CName):
try:
cert = certUtils.signCert(conf.ejbcaApiUrl,
conf.certsDir + "/mosca.csr", CName)
certUtils.saveCRT(conf.certsDir + "/mosca.crt", cert)
print("mosca certificate signed")
except certUtils.x509IdentityMgmtException as err:
print("Cant sign the CRT. Error from x509-identity-mgmt: " +
err.message)
exit(-1)
def retrieveCAChain():
try:
rawCrt = certUtils.retrieveCAChain(conf.ejbcaApiUrl)
certUtils.saveCRT(conf.certsDir + "/ca.crt", rawCrt)
print("CA certificates retrieved")
except certUtils.x509IdentityMgmtException as err:
print("Cant retrieve CA Chain. Error from x509-identity-mgmt: " +
err.message)
exit(-1)
except KeyError:
print("Invalid answer returned from EJBCA.")
exit(-1)
def retrieveCAChain(ejbcaHost, caName, overwrite):
filename = conf.certsDir + "/" + caName + ".crt"
if not os.path.isfile(filename) or overwrite:
try:
rawCrt = certUtils.retrieveCAChain(ejbcaHost, caName)
certUtils.saveCRT(filename, rawCrt)
print("CA certificates retrieved")
except KeyError:
print("Invalid answer returned from EJBCA.")
exit(-1)
else:
print("CA Certificate file already exists at "
+ filename + ". Skiping.")
def askCertSign(ejbcaHost, devname):
filename = conf.certsDir + "/" + devname + ".crt"
if not os.path.isfile(filename) or overwrite:
try:
cert = certUtils.signCert(ejbcaHost,
conf.certsDir + "/" + devname + ".csr",
devname, 'dojot')
except certUtils.EJBCARESTException as err:
print("Cant sign the CRT. EJBCA-REST return code: "
+ str(err))
exit(-1)
certUtils.saveCRT(filename, cert)
print(devname + " certificate signed. Avaliable at " + filename)
else:
print("Certificate file already exists at " + filename + ". Skiping.")
def askCertSign(ejbcaHost, devname, overwrite):
filename = conf.certsDir + "/" + devname + ".crt"
if not os.path.isfile(filename) or overwrite:
try:
cert = certUtils.signCert(ejbcaHost,
conf.certsDir + "/" + devname + ".csr",
devname, 'dojot')
except requests.exceptions.HTTPError as err:
print("Cant sign the CRT. EJBCA-REST return code: "
" EJBCA-REST return code: " + str(err.response.status_code))
print(str(err.response.text))
helperErrorDesc(err.response.status_code)
exit(-1)
certUtils.saveCRT(filename, cert)
print(devname + " certificate signed. Avaliable at " + filename)
else:
print("Certificate file already exists at " + filename + ". Skiping.")
def askCertSign():
if not os.path.isfile(conf.certsDir + "/mosca.crt"):
passwd = binascii.b2a_hex(os.urandom(16))
try:
certUtils.createEJBCAUser(conf.EJBCA_API_URL, conf.CAName, "mosca",
passwd)
except certUtils.EJBCARESTException as err:
print("Cant create EJBCA user. Error: " + err.message)
exit(-1)
try:
cert = certUtils.signCert(conf.EJBCA_API_URL,
conf.certsDir + "/mosca.csr", "mosca",
passwd)
except certUtils.EJBCARESTException as err:
print("Cant sign the CRT. EJBCA-REST return code: " + err.message)
exit(-1)
certUtils.saveCRT(conf.certsDir + "/mosca.crt", cert)
print("mosca certificate signed")
def retrieveCAChain(ejbcaHost, caName, overwrite):
filename = conf.certsDir + "/" + caName + ".crt"
if not os.path.isfile(filename) or overwrite:
try:
rawCrt = certUtils.retrieveCAChain(ejbcaHost, caName)
certUtils.saveCRT(filename, rawCrt)
print("CA certificates retrieved")
except KeyError:
print("Invalid answer returned from EJBCA.")
exit(-1)
except requests.exceptions.HTTPError as err:
print("Can't retrieve CA chain certificate."
" EJBCA-REST return code: " + str(err.response.status_code))
print(str(err.response.text))
helperErrorDesc(err.response.status_code)
exit(-1)
else:
print("CA Certificate file already exists at " + filename +
". Skiping.")