4 from templates import *
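# Layout of the CA working directory; every path is derived from ca_base.
# NOTE(review): the leading numbers on each line of this listing are gutter
# residue and indentation was lost; the code below is the reconstructed form.
conf_file = os.path.join(ca_base, 'conf/ca.conf')
# Public material: the CA certificate bundle and a temporary file that
# holds the DSA CA certificate until it is appended to the bundle.
ca_file = os.path.join(ca_base, 'public/ca.pem')
ca_dsa_file = os.path.join(ca_base, 'public/ca-dsa.tmp')
# Private material: CA signing keys. Nothing in the visible lines sets
# directory or file modes, so protection of private/ depends on the umask
# and on how ca_base was created -- verify it is readable by the CA user only.
ca_key_file = os.path.join(ca_base, 'private/ca.key')
ca_dsa_key_file = os.path.join(ca_base, 'private/ca-dsa.key')
# Certificate signing requests for the two CA keys.
ca_csr_file = os.path.join(ca_base, 'newcerts/ca.csr')
ca_dsa_csr_file = os.path.join(ca_base, 'newcerts/ca-dsa.csr')
dsa_parms_file = os.path.join(ca_base, 'private/ca.dsap')
# Presumably the `openssl ca` serial counter and issued-certificate index
# referenced from conf_file -- confirm against the config template.
serial_file = os.path.join(ca_base, 'serial')
index_file = os.path.join(ca_base, 'index')

# Seed the serial counter on first use. The context manager guarantees the
# value is flushed and the handle closed before anything else reads the file,
# instead of relying on garbage collection of an anonymous file object.
if not os.path.exists(serial_file):
    with open(serial_file, 'w') as serial_out:
        serial_out.write('01')
# Create an empty index on first use.
if not os.path.exists(index_file):
    with open(index_file, 'w'):
        pass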
27 openssl_conf_template,
30 default_days = ca['default_days'],
31 country = ca['country'],
33 ou = ca.get('ou', ''),
# Generate the DSA domain parameters once and reuse them on later runs.
# NOTE(review): indentation was lost in this listing; the log call is
# assumed to belong to the `if` body.
dsa_params_present = os.path.exists(dsa_parms_file)
if not dsa_params_present:
    # NOTE(review): 1024-bit DSA parameters are below the 2048-bit minimum
    # that current guidance (e.g. NIST SP 800-131A) expects for new signing
    # keys. The size is left unchanged here because raising it changes the
    # CA key that gets generated; plan a migration rather than editing it
    # in place.
    dsaparam_args = ('dsaparam', '-out', dsa_parms_file, '1024')
    openssl(*dsaparam_args)
    logging.info('generated CA DSA parameters')
39 if not os.path.exists(ca_file):
40 openssl('req', '-new', '-keyout', ca_key_file,
41 '-config', conf_file, '-batch',
# Create the DSA CA key pair and its signing request in one non-interactive
# `openssl req` run: the key is generated from the stored DSA parameters and
# written to ca_dsa_key_file, the request to ca_dsa_csr_file.
# NOTE(review): whether the private key is written encrypted is decided by
# conf_file or by options not visible in this call -- confirm, and make sure
# the key file ends up readable by the CA user only.
dsa_req_args = [
    'req', '-new',
    '-newkey', 'dsa:' + dsa_parms_file,
    '-config', conf_file, '-batch',
    '-keyout', ca_dsa_key_file,
    '-out', ca_dsa_csr_file,
]
openssl(*dsa_req_args)
48 '-config', conf_file, '-batch',
49 '-keyfile', ca_key_file,
50 '-extensions', 'v3_ca',
52 '-infiles', ca_csr_file)
54 '-config', conf_file, '-batch',
55 '-keyfile', ca_dsa_key_file,
56 '-extensions', 'v3_ca', '-selfsign',
58 '-infiles', ca_dsa_csr_file)
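# Append the temporary DSA CA certificate to the CA bundle, then drop the
# temporary file.
# The source is read first so that a missing or unreadable temporary file
# fails before ca_file is opened for append, and both handles are closed
# explicitly so the appended data is flushed to ca_file before the only
# other copy is removed (the original relied on garbage collection of
# anonymous file objects for that).
with open(ca_dsa_file, 'r') as dsa_cert_in:
    dsa_cert_pem = dsa_cert_in.read()
with open(ca_file, 'a') as ca_bundle_out:
    ca_bundle_out.write(dsa_cert_pem)
os.remove(ca_dsa_file)
logging.info('created CA certificates')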