Commit ddc5e270 authored by Akeem Daly's avatar Akeem Daly

Initial Commit

parent 0ae603de
import re
import os
from OpenSSL import crypto, SSL
#action="$1"
FQDN="${1}"
FQDN_UNDER = "$(echo ${FQDN} | sed "s/\./_/g")"
certPath = "/etc/ssl/certs"
keyPath= "/etc/ssl/private"
cert="${certPath}/${FQDN_UNDER}.cer"
csr="${certPath}/${FQDN_UNDER}.csr"
key="${keyPath}/${FQDN_UNDER}.key"
if [ ! -f "${cert}" ]; then
echo "error: cert doesn't exist"
exit 0
fi
if [ ! -f "${key}" ]; then
echo "error: key doesn't exist"
exit 0
fi
if [ -f "${csr}" ]; then
echo "info: backing up old signing request file"
cp "${csr}" "${csr}.bak$$"
fi
echo "Key: ${key}"
echo "Certificate: ${cert}"
echo "regenerating signing request for ${FQDN}"
openssl x509 -days 365 -x509toreq -in "${cert}" -out "${csr}" -signkey "${key}" <<EOF
US
California
Palo Alto
Stanford Medicine
Anesthesia IT
${FQDN}
anes-sysadmin@lists.stanford.edu
EOF
if [ -f "${csr}" ]; then
cat "${csr}"
echo "Success: Signing request created"
fi
# set file names
def name_parser(hostname):
pattern = re.compile(".stanford.edu/Z")
if pattern.match(hostname):
print()
key =
# subject data to use for TLS functions
def cert_subject(certificate, hostname):
certificate.get_subject().C = "US"
certificate.get_subject().ST = "California"
certificate.get_subject().L = "Palo Alto"
certificate.get_subject().O = "Stanford Medicine"
certificate.get_subject().OU = "Anesthesia IT"
certificate.get_subject().CN = hostname
# generate signing request
def signing_req(priv_key):
req = crypto.X509Req()
if os.path.exists(csrpath):
print "using existing key"
print csrpath
req.set_pubkey(priv_key)
req.sign(priv_key, "sha256")
f = open(cert_path, "w")
f.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, req))
f.close()
print("Success")
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Utility for Managing Certificates')
parser.add_argument('--domainname', dest='domain_name', action='store', required=True, help='Fully Qualified Domain Name Needed')
parser.add_argument('--certpath', dest='cert_path', action='store', default='/etc/ssl/certs', help='Path to Certificates')
parser.add_argument('--keypath', dest='key_path', action='store', default='/etc/ssl/private', help='Path to Private Keys')
uploadTypeGroup = parser.add_mutually_exclusive_group(required=True)
uploadTypeGroup.add_argument('--newcsr', dest='new_csr', action='store_true', help='New Signing Request')
args = parser.parse_args()
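Review bot: `signing_req` writes the request with `open(cert_path, "w")`, but neither `cert_path` nor `csrpath` is defined in the function on this page; the only `cert_path` visible is the `--certpath` argument, whose default is the directory `/etc/ssl/certs`, so the CSR would either fail with a NameError or be written to the wrong path. The target should be passed in explicitly and written as bytes to the `.csr` file, e.g. `with open(csr_path, "wb") as f: f.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, req))`, and `cert_subject(req, hostname)` should be called before `req.sign(priv_key, "sha256")`, because the request is currently signed with an empty subject. In `name_parser` the pattern `".stanford.edu/Z"` has unescaped dots and a literal `/Z`, and `pattern.match` anchors at the start of the string, so it cannot work as a suffix check on a hostname that later becomes the CN and part of a file name; `re.search(r"\.stanford\.edu\Z", hostname)` is presumably what was intended. The file does not parse as Python yet: it still contains the shell script it appears to replace, a dangling `key =`, Python 2 `print` statements, and it uses `argparse` without importing it. If the shell checks are ported, note that they `exit 0` on a missing cert or key, which hides the failure from any caller checking the exit status.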