Commit 9b78833e authored by Łukasz Nowak's avatar Łukasz Nowak

- do not mangle id to CN, as it shall be used in it clean, lowercased

   form


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@42408 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 6ae1de95
...@@ -36,7 +36,6 @@ from zLOG import LOG, INFO ...@@ -36,7 +36,6 @@ from zLOG import LOG, INFO
import os import os
import subprocess import subprocess
import base64
def popenCommunicate(command_list, input=None, **kwargs): def popenCommunicate(command_list, input=None, **kwargs):
kwargs.update(stdout=subprocess.PIPE, stderr=subprocess.STDOUT) kwargs.update(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
...@@ -185,14 +184,13 @@ class CertificateAuthorityTool(BaseTool): ...@@ -185,14 +184,13 @@ class CertificateAuthorityTool(BaseTool):
self._lockCertificateAuthority() self._lockCertificateAuthority()
try: try:
new_id = open(self.serial, 'r').read().strip().lower() new_id = open(self.serial, 'r').read().strip().lower()
cn = base64.encodestring(str(new_id) + ':')
key = os.path.join(self.certificate_authority_path, 'private', new_id+'.key') key = os.path.join(self.certificate_authority_path, 'private', new_id+'.key')
csr = os.path.join(self.certificate_authority_path, new_id + '.csr') csr = os.path.join(self.certificate_authority_path, new_id + '.csr')
cert = os.path.join(self.certificate_authority_path, 'certs', new_id + '.crt') cert = os.path.join(self.certificate_authority_path, 'certs', new_id + '.crt')
try: try:
popenCommunicate([self.openssl_binary, 'req', '-nodes', '-config', popenCommunicate([self.openssl_binary, 'req', '-nodes', '-config',
self.openssl_config, '-new', '-keyout', key, '-out', csr, '-days', self.openssl_config, '-new', '-keyout', key, '-out', csr, '-days',
'3650'], '%s\n' % cn, stdin=subprocess.PIPE) '3650'], '%s\n' % new_id, stdin=subprocess.PIPE)
popenCommunicate([self.openssl_binary, 'ca', '-batch', '-config', popenCommunicate([self.openssl_binary, 'ca', '-batch', '-config',
self.openssl_config, '-out', cert, '-infiles', csr]) self.openssl_config, '-out', cert, '-infiles', csr])
os.unlink(csr) os.unlink(csr)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment