Commit 364fd8e9 authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

Improve generate-signature-key options

Actually totally revert 08b53cb3 since
there is no sense to get option from a file which is often inexisting
where the user generate its key.

Also add a warning message at the end.
parent 92b40e7b
Pipeline #20530 passed with stage
in 0 seconds
......@@ -29,23 +29,28 @@ def generateCertificate(certificate_file, key_file, common_name):
raise ValueError("Key %r exists, will not overwrite." %
key_file)
print('Generating certificate for %r (key: %r, certficate: %r)' % (
print('Generating certificate for %r (key: %r, certficate: %r)\n' % (
common_name, key_file, certificate_file))
subj = '/CN=%s' % common_name
subprocess.check_call(["openssl", "req", "-x509", "-nodes", "-days", "36500",
subprocess.check_call(
["openssl", "req", "-x509", "-nodes", "-days", "36500",
"-subj", subj, "-newkey", "rsa:1024", "-keyout", key_file, "-out",
certificate_file])
if certificate_file != '-':
with open(certificate_file, 'r') as f:
print(f.read())
print("\nDon't forget to add the certificate to the "
"signature-certificate-list in your SlapOS configuration file.")
def run(args=None):
parser = argparse.ArgumentParser()
parser.add_argument('slapos_config', type=argparse.FileType('r'),
help='SlapOS configuration file.')
parser.add_argument('output', help='Path of certificate to generate')
parser.add_argument('--cert-file', default='-',
help='Path of certificate to generate (by default, only print on stdout)')
parser.add_argument('key_file',
help='Key file to generate.')
parser.add_argument('common_name',
help='Common name to use in the generated certificate.')
args = parser.parse_args(args)
config = configparser.SafeConfigParser()
config.readfp(args.slapos_config)
generateCertificate(args.output,
config.get('networkcache', 'signature-private-key-file'),
config.get('slapos', 'computer_id'))
generateCertificate(args.cert_file, args.key_file, args.common_name)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment