Merge pull request #188 from kevgliss/csr

Adding the ability to submit a third party CSR
2015-12-29 12:11:11 -08:00 · 2015-12-29 12:11:11 -08:00 · 00cb66484b
parent 665a3f3180 cabe2ae18d
commit 00cb66484b
4 changed files with 23 additions and 4 deletions
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@ -1,13 +1,11 @@
 Changelog
 =========

-
 0.2.1 - `master` _
 ~~~~~~~~~~~~~~~~~~

 .. note:: This version not yet released and is under active development

-
 0.2.0 - 2015-12-02
 ~~~~~~~~~~~~~~~~~~~

--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@ -140,7 +140,12 @@ def mint(issuer_options):

    issuer = plugins.get(authority.plugin_name)

+    # allow the CSR to be specified by the user
+    if not issuer_options.get('csr'):
        csr, private_key = create_csr(issuer_options)
+    else:
+        csr = issuer_options.get('csr')
+        private_key = None

    issuer_options['creator'] = g.user.email
    cert_body, cert_chain = issuer.create_certificate(csr, issuer_options)
--- a/lemur/certificates/views.py
+++ b/lemur/certificates/views.py
@ -192,6 +192,7 @@ class CertificatesList(AuthenticatedResource):
                "owner": "bob@example.com",
                "description": "test",
                "selectedAuthority": "timetest2",
+                "csr",
                "authority": {
                    "body": "-----BEGIN...",
                    "name": "timetest2",
@ -325,6 +326,7 @@ class CertificatesList(AuthenticatedResource):
        self.reqparse.add_argument('organizationalUnit', type=str, location='json', required=True)
        self.reqparse.add_argument('owner', type=str, location='json', required=True)
        self.reqparse.add_argument('commonName', type=str, location='json', required=True)
+        self.reqparse.add_argument('csr', type=str, location='json')

        args = self.reqparse.parse_args()

--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@ -48,7 +48,7 @@
        </div>
      </div>
    </div>
-    <div ng-show="certificate.authority" class="form-group">
+    <div class="form-group">
      <label class="control-label col-sm-2">
        Certificate Template
      </label>
@ -110,6 +110,20 @@
        </div>
      </div>
    </div>
+    <div class="form-group"
+         ng-class="{'has-error': trackingForm.csr.$invalid&&trackingForm.csr.$dirty, 'has-success': !trackingForm.csr.$invalid&&trackingForm.csr.$dirty}">
+      <label class="control-label col-sm-2">
+        Certificate Signing Request (CSR)
+      </label>
+      <div class="col-sm-10">
+                <textarea tooltip="Values defined in the CSR will take precedence" name="certificate signing request" ng-model="certificate.csr"
+                          placeholder="PEM encoded string..." class="form-control"
+                          ng-pattern="/^-----BEGIN CERTIFICATE REQUEST-----/"></textarea>
+
+        <p ng-show="trackingForm.csr.$invalid && !trackingForm.csr.$pristine"
+           class="help-block">Enter a valid certificate signing request.</p>
+      </div>
+    </div>
    <div ng-include="'angular/certificates/certificate/replaces.tpl.html'"></div>
    <div ng-include="'angular/certificates/certificate/notifications.tpl.html'"></div>
    <div ng-include="'angular/certificates/certificate/destinations.tpl.html'"></div>