Initial Commit

ddc5e270 · Akeem Daly · 0ae603de · ddc5e270
Commit ddc5e270 authored Oct 20, 2020 by Akeem Daly
--- a/cert_util.py
+++ b/cert_util.py
+import re
+import os
+from OpenSSL import crypto, SSL
+
+#action="$1"
+FQDN="${1}"
+FQDN_UNDER = "$(echo ${FQDN} | sed "s/\./_/g")"
+
+certPath = "/etc/ssl/certs"
+keyPath= "/etc/ssl/private"
+
+cert="${certPath}/${FQDN_UNDER}.cer"
+csr="${certPath}/${FQDN_UNDER}.csr"
+key="${keyPath}/${FQDN_UNDER}.key"
+
+if [ ! -f "${cert}" ]; then
+  echo "error: cert doesn't exist"
+  exit 0
+fi
+
+if [ ! -f "${key}" ]; then
+  echo "error: key doesn't exist"
+  exit 0
+fi
+
+if [ -f "${csr}" ]; then
+  echo "info: backing up old signing request file"
+  cp "${csr}" "${csr}.bak$$"
+fi
+
+echo "Key: ${key}"
+echo "Certificate: ${cert}"
+echo "regenerating signing request for ${FQDN}"
+
+openssl x509 -days 365 -x509toreq -in "${cert}" -out "${csr}" -signkey "${key}"  <<EOF
+US
+California
+Palo Alto
+Stanford Medicine
+Anesthesia IT
+${FQDN}
+anes-sysadmin@lists.stanford.edu
+
+
+
+EOF
+
+if [ -f "${csr}" ]; then
+  cat "${csr}"
+  echo "Success: Signing request created"
+fi
+
+# set file names
+def name_parser(hostname):
+    pattern = re.compile(".stanford.edu/Z")
+    if pattern.match(hostname):
+        print()
+
+    key =
+
+# subject data to use for TLS functions
+def cert_subject(certificate, hostname):
+    certificate.get_subject().C = "US"
+    certificate.get_subject().ST = "California"
+    certificate.get_subject().L = "Palo Alto"
+    certificate.get_subject().O = "Stanford Medicine"
+    certificate.get_subject().OU = "Anesthesia IT"
+    certificate.get_subject().CN = hostname
+
+# generate signing request
+def signing_req(priv_key):
+    req = crypto.X509Req()
+
+    if os.path.exists(csrpath):
+        print "using existing key"
+        print csrpath
+
+    req.set_pubkey(priv_key)
+    req.sign(priv_key, "sha256")
+
+    f = open(cert_path, "w")
+    f.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, req))
+    f.close()
+    print("Success")
+
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description='Utility for Managing Certificates')
+    parser.add_argument('--domainname', dest='domain_name', action='store', required=True, help='Fully Qualified Domain Name Needed')
+    parser.add_argument('--certpath', dest='cert_path', action='store', default='/etc/ssl/certs', help='Path to Certificates')
+    parser.add_argument('--keypath', dest='key_path', action='store', default='/etc/ssl/private', help='Path to Private Keys')
+    uploadTypeGroup = parser.add_mutually_exclusive_group(required=True)
+    uploadTypeGroup.add_argument('--newcsr', dest='new_csr', action='store_true', help='New Signing Request')
+    args = parser.parse_args()