infra/samba-pki-tools
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[FIX] fix retry

Browse Source
This commit is contained in:
Kevin GUERINEAU
2024-05-07 22:13:16 +02:00
parent f14bb52da5
commit 99e59db13d
1 changed files with 18 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
common.py
+18 -10
View File
@@ -259,20 +259,28 @@ def create_openssl_intermediate(name, force=False,verbose=False):
gen_intermediate_ca = subprocess.run(f"/usr/bin/openssl req -config {intermediate_ca_config} -new -sha512 -keyout {TisPKI.intermediate_ca_keyfile(name)} \ gen_intermediate_ca = subprocess.run(f"/usr/bin/openssl req -config {intermediate_ca_config} -new -sha512 -keyout {TisPKI.intermediate_ca_keyfile(name)} \
-out {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr", shell=True, check=True, executable='/bin/bash') -out {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr", shell=True, check=True, executable='/bin/bash')
Printing.information('Sign Intermediate CA with Root CA') if gen_intermediate_ca.returncode == 0:
sign_intermediate_ca = subprocess.run(f"/usr/bin/openssl ca -config {os.path.join(TisPKI.root_config_path(),'openssl_root_ca_sign_intermediate.ini')} \ Printing.information('Sign Intermediate CA with Root CA')
-extensions v3_intermediate_ca -days 1825 -notext -md sha512 -create_serial -in {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr \ sign_intermediate_ca = subprocess.run(f"/usr/bin/openssl ca -config {os.path.join(TisPKI.root_config_path(),'openssl_root_ca_sign_intermediate.ini')} \
-out {TisPKI.intermediate_ca_certfile(name)}", shell=True, check=True, executable='/bin/bash') -extensions v3_intermediate_ca -days 1825 -notext -md sha512 -create_serial -in {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr \
-out {TisPKI.intermediate_ca_certfile(name)}", shell=True, check=True, executable='/bin/bash')
if sign_intermediate_ca.returncode == 0: if sign_intermediate_ca.returncode == 0:
if verbose: if verbose:
subprocess.run(f'openssl x509 -in {TisPKI.intermediate_ca_certfile(name)} -text', shell=True, check=True, executable='/bin/bash') subprocess.run(f'openssl x509 -in {TisPKI.intermediate_ca_certfile(name)} -text', shell=True, check=True, executable='/bin/bash')
Printing.success(f'Intermediate CA Certfile is stored in : {TisPKI.intermediate_ca_certfile(name)}') Printing.success(f'Intermediate CA Certfile is stored in : {TisPKI.intermediate_ca_certfile(name)}')
else:
Printing.error('Error on generating Intermediate CA private key')
retry = input('If you want to retry, press Y : ')
if retry == "y" or retry == 'Y':
os.remove(TisPKI.intermediate_ca_certfile(name))
os.remove(TisPKI.intermediate_ca_keyfile(name))
create_openssl_intermediate(name, force, verbose)
else: else:
Printing.error('Error on generating Intermediate CA private key') Printing.error('Error on generating Root CA private key')
os.remove(TisPKI.intermediate_ca_keyfile(name))
retry = input('If you want to retry, press Y : ') retry = input('If you want to retry, press Y : ')
if retry == "y" or retry == 'Y': if retry == "y" or retry == 'Y':
os.remove(TisPKI.intermediate_ca_keyfile(name))
create_openssl_intermediate(name, force, verbose) create_openssl_intermediate(name, force, verbose)
else: else:
Printing.warning('Intermediate CA private key and certificate already exist. Skip.') Printing.warning('Intermediate CA private key and certificate already exist. Skip.')