|
|
@ -243,16 +243,16 @@ emailAddress = %(sslEmail)s
|
|
|
|
nsCertType = %(nsCertType)s
|
|
|
|
nsCertType = %(nsCertType)s
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
templCreateKey = "%(sslFile)s genrsa -out %(certKeyFile)s %(sslBits)s"
|
|
|
|
templCreateKey = "%(sslFile)s genrsa -out '%(certKeyFile)s' %(sslBits)s"
|
|
|
|
templCreateCert = "%(sslFile)s req -new -x509 -days %(sslDays)s "\
|
|
|
|
templCreateCert = "%(sslFile)s req -new -x509 -days %(sslDays)s "\
|
|
|
|
"-config %(cnfFile)s -key %(certKeyFile)s "\
|
|
|
|
"-config '%(cnfFile)s' -key '%(certKeyFile)s' "\
|
|
|
|
"-out %(certFile)s"
|
|
|
|
"-out '%(certFile)s'"
|
|
|
|
templCreateReq = "%(sslFile)s req -new -days %(sslDays)s "\
|
|
|
|
templCreateReq = "%(sslFile)s req -new -days %(sslDays)s "\
|
|
|
|
"-config %(cnfFile)s -key %(certKeyFile)s "\
|
|
|
|
"-config '%(cnfFile)s' -key '%(certKeyFile)s' "\
|
|
|
|
"-out %(certCsrFile)s"
|
|
|
|
"-out '%(certCsrFile)s'"
|
|
|
|
templCreateSignCert = "%(sslFile)s ca -batch -config %(cnfFile)s "\
|
|
|
|
templCreateSignCert = "%(sslFile)s ca -batch -config '%(cnfFile)s' "\
|
|
|
|
"-policy policy_anything -days %(sslDays)s "\
|
|
|
|
"-policy policy_anything -days '%(sslDays)s' "\
|
|
|
|
"-out %(certFile)s -infiles %(certCsrFile)s"
|
|
|
|
"-out '%(certFile)s' -infiles '%(certCsrFile)s'"
|
|
|
|
|
|
|
|
|
|
|
|
def createCnfFile(self, textCnf):
|
|
|
|
def createCnfFile(self, textCnf):
|
|
|
|
'''Generate openssl.cnf file'''
|
|
|
|
'''Generate openssl.cnf file'''
|
|
|
@ -269,7 +269,7 @@ nsCertType = %(nsCertType)s
|
|
|
|
|
|
|
|
|
|
|
|
def checkCertificate(self, certFile):
|
|
|
|
def checkCertificate(self, certFile):
|
|
|
|
# Проверка сертификата
|
|
|
|
# Проверка сертификата
|
|
|
|
textLine = execProg("%s x509 -subject -fingerprint -noout -in %s"
|
|
|
|
textLine = execProg("%s x509 -subject -fingerprint -noout -in '%s'"
|
|
|
|
%(self.sslFile, certFile))
|
|
|
|
%(self.sslFile, certFile))
|
|
|
|
if textLine is False:
|
|
|
|
if textLine is False:
|
|
|
|
self.printERROR(_("Error checking certificate %s")%certFile)
|
|
|
|
self.printERROR(_("Error checking certificate %s")%certFile)
|
|
|
@ -456,10 +456,6 @@ nsCertType = %(nsCertType)s
|
|
|
|
os.chown(keyFile, uid,gid)
|
|
|
|
os.chown(keyFile, uid,gid)
|
|
|
|
os.chmod(keyFile, fileMode)
|
|
|
|
os.chmod(keyFile, fileMode)
|
|
|
|
# generate request
|
|
|
|
# generate request
|
|
|
|
templCreateReq = "%(sslFile)s req -new -days %(sslDays)s "\
|
|
|
|
|
|
|
|
"-config %(cnfFile)s -key %(certKeyFile)s "\
|
|
|
|
|
|
|
|
"-out %(certCsrFile)s"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
execStr = self.templCreateReq%{'sslFile':self.sslFile,
|
|
|
|
execStr = self.templCreateReq%{'sslFile':self.sslFile,
|
|
|
|
'sslDays':sslDays,
|
|
|
|
'sslDays':sslDays,
|
|
|
|
'cnfFile':cnfFile,
|
|
|
|
'cnfFile':cnfFile,
|
|
|
@ -539,9 +535,10 @@ nsCertType = %(nsCertType)s
|
|
|
|
if not os.path.exists(dirName):
|
|
|
|
if not os.path.exists(dirName):
|
|
|
|
self._createDir(dirName, uid=uid, gid=gid)
|
|
|
|
self._createDir(dirName, uid=uid, gid=gid)
|
|
|
|
# Создание сертификата
|
|
|
|
# Создание сертификата
|
|
|
|
textLine = execProg(
|
|
|
|
textLine = execProg("%s req -new -x509 -nodes -config '%s'"
|
|
|
|
"%s req -new -x509 -nodes -config %s -days %s -out %s -keyout %s"
|
|
|
|
"-days %s -out '%s'-keyout '%s'"
|
|
|
|
%(self.sslFile, cnfFile, sslDays, certFile, keyFile))
|
|
|
|
%(self.sslFile, cnfFile, sslDays, certFile,
|
|
|
|
|
|
|
|
keyFile))
|
|
|
|
if textLine is False:
|
|
|
|
if textLine is False:
|
|
|
|
self.printERROR(_("Can not create certificate %s")%certFile)
|
|
|
|
self.printERROR(_("Can not create certificate %s")%certFile)
|
|
|
|
return False
|
|
|
|
return False
|
|
|
|