Remove more old client certificate stuff.
This commit is contained in:
parent
c32062d326
commit
a4b2746ae8
41
alphonse.py
41
alphonse.py
|
@ -690,47 +690,6 @@ Slow internet connection? Use 'set timeout' to be more patient.""")
|
|||
debug_text = "\x1b[0;32m[DEBUG] " + debug_text + "\x1b[0m"
|
||||
print(debug_text)
|
||||
|
||||
def _generate_transient_cert_cert(self):
|
||||
"""
|
||||
Use `openssl` command to generate a new transient client certificate
|
||||
with 24 hours of validity.
|
||||
"""
|
||||
certdir = os.path.join(self.config_dir, "transient_certs")
|
||||
name = str(uuid.uuid4())
|
||||
self._generate_client_cert(certdir, name, transient=True)
|
||||
self.active_is_transient = True
|
||||
self.transient_certs_created.append(name)
|
||||
|
||||
def _generate_persistent_client_cert(self):
|
||||
"""
|
||||
Interactively use `openssl` command to generate a new persistent client
|
||||
certificate with one year of validity.
|
||||
"""
|
||||
print("What do you want to name this new certificate?")
|
||||
print("Answering `mycert` will create `~/.alphonse/certs/mycert.crt` and `~/.alphonse/certs/mycert.key`")
|
||||
name = input()
|
||||
if not name.strip():
|
||||
print("Aborting.")
|
||||
return
|
||||
certdir = os.path.join(self.config_dir, "client_certs")
|
||||
self._generate_client_cert(certdir, name)
|
||||
|
||||
def _generate_client_cert(self, certdir, basename, transient=False):
|
||||
"""
|
||||
Use `openssl` binary to generate a client certificate (which may be
|
||||
transient or persistent) and save the certificate and private key to the
|
||||
specified directory with the specified basename.
|
||||
"""
|
||||
if not os.path.exists(certdir):
|
||||
os.makedirs(certdir)
|
||||
certfile = os.path.join(certdir, basename+".crt")
|
||||
keyfile = os.path.join(certdir, basename+".key")
|
||||
cmd = "openssl req -x509 -newkey rsa:2048 -days {} -nodes -keyout {} -out {}".format(1 if transient else 365, keyfile, certfile)
|
||||
if transient:
|
||||
cmd += " -subj '/CN={}'".format(basename)
|
||||
os.system(cmd)
|
||||
self._activate_client_cert(certfile, keyfile)
|
||||
|
||||
# Cmd implementation follows
|
||||
|
||||
def default(self, line):
|
||||
|
|
Loading…
Reference in New Issue