From: %s

did not match the attributes

  commonName   = %s
  emailAddress = %s

given in your certificate request. Your certificate request will
be processed anyway. But if you intend to use the requested
certificate for signing e-mails you might want to adjust the from
address in your mail clients preferences / options menu to avoid
trouble with other mail users reporting invalid signatures.

If you have further questions simply reply to this e-mail.
""" % (mime_encode_header(
        charset.t612iso(cacert.subject.get(
            'CN', 'CA administrator'))), ca_from_addr, certreq_mail_attr,
       caChallengeId, from_addr, certreq_name_attr, certreq_mail_attr)

    try:
        smtpconn = smtplib.SMTP(MailRelay)
        try:
            try:
                smtpconn.set_debuglevel(0)
                smtpconn.sendmail(ca_from_addr, certreq_mail_attr, mail_msg)
            finally:
                smtpconn.quit()
        except:
            LogWrite(logfile, 'Error', m,
                     'Unable to send an e-mail to %s!\n' % (certreq_mail_attr))
        else:
            LogWrite(
示例#2
0
  dntemplate = findoption(options,'--dntemplate')[1]
else:
  dntemplate = r'cn=%(CN)s'

ca_names = opensslcnf.sectionkeys.get('ca',[])
ca_dn_dict = {}

for ca_name in ca_names:

  ca = opensslcnf.getcadata(ca_name)

  if os.path.isfile(ca.certificate):

    cacert = openssl.cert.X509CertificateClass(ca.certificate)

    ca_dn = charset.iso2utf(charset.t612iso(dntemplate % (cacert.subject)))
    if ca_dn_dict.has_key(ca_dn):
      sys.stderr.write('Warning: DN of %s conflicts with %s.\n' % (ca_name,ca_dn_dict[ca_dn]))
    else:
      ca_dn_dict[ca_dn]=ca_name

    if ldapbase.dn_regex.match(ca_dn):
      ca_entry = {'objectclass':['top','certificationAuthority']}
      ca_entry['cACertificate;binary'] = [cacert.readcertfile('der')]

      if create_crls:
	if os.path.isfile(ca.crl):

          cacrl = openssl.cert.CRLClass(ca.crl)
          ca_entry['certificateRevocationList;binary'] = [cacrl.readcertfile('der')]
          ca_entry['authorityRevocationList;binary'] = [cacrl.readcertfile('der')]
did not match the attributes

  commonName   = %s
  emailAddress = %s

given in your certificate request. Your certificate request will
be processed anyway. But if you intend to use the requested
certificate for signing e-mails you might want to adjust the from
address in your mail clients preferences / options menu to avoid
trouble with other mail users reporting invalid signatures.

If you have further questions simply reply to this e-mail.
""" % (
  mime_encode_header(
    charset.t612iso(
      cacert.subject.get('CN','CA administrator'))
    ),
    ca_from_addr,
  certreq_mail_attr,
  caChallengeId,
  from_addr,
  certreq_name_attr,certreq_mail_attr
)

  try:
    smtpconn=smtplib.SMTP(MailRelay)
    try:
      try:
        smtpconn.set_debuglevel(0)
        smtpconn.sendmail(ca_from_addr,certreq_mail_attr,mail_msg)
      finally: