Return correct intermediate certificate on digicert creation. (#762)
This commit also removes the unused DIGICERT_INTERMEDIATE env var as it is not used.
This commit is contained in:
parent
05f4ae8e58
commit
604cd60dbe
@ -450,12 +450,6 @@ The following configuration properties are required to use the Digicert issuer p
|
||||
This is the Digicert organization ID tied to your API key
|
||||
|
||||
|
||||
.. data:: DIGICERT_INTERMEDIATE
|
||||
:noindex:
|
||||
|
||||
This is the intermediate to be used for your CA chain
|
||||
|
||||
|
||||
.. data:: DIGICERT_ROOT
|
||||
:noindex:
|
||||
|
||||
|
@ -241,7 +241,6 @@ class DigiCertSourcePlugin(SourcePlugin):
|
||||
'DIGICERT_URL',
|
||||
'DIGICERT_ORG_ID',
|
||||
'DIGICERT_ROOT',
|
||||
'DIGICERT_INTERMEDIATE'
|
||||
]
|
||||
validate_conf(current_app, required_vars)
|
||||
|
||||
@ -279,7 +278,6 @@ class DigiCertIssuerPlugin(IssuerPlugin):
|
||||
'DIGICERT_URL',
|
||||
'DIGICERT_ORG_ID',
|
||||
'DIGICERT_ROOT',
|
||||
'DIGICERT_INTERMEDIATE'
|
||||
]
|
||||
|
||||
validate_conf(current_app, required_vars)
|
||||
@ -317,10 +315,10 @@ class DigiCertIssuerPlugin(IssuerPlugin):
|
||||
|
||||
certificate_id = get_certificate_id(self.session, base_url, order_id)
|
||||
|
||||
# retrieve ceqrtificate
|
||||
# retrieve certificate
|
||||
certificate_url = "{0}/services/v2/certificate/{1}/download/format/pem_all".format(base_url, certificate_id)
|
||||
end_entity, intermediate, root = pem.parse(self.session.get(certificate_url).content)
|
||||
return "\n".join(str(end_entity).splitlines()), "\n".join(str(end_entity).splitlines())
|
||||
return "\n".join(str(end_entity).splitlines()), "\n".join(str(intermediate).splitlines())
|
||||
|
||||
@staticmethod
|
||||
def create_authority(options):
|
||||
|
@ -1,5 +1,6 @@
|
||||
import pytest
|
||||
import arrow
|
||||
import json
|
||||
from freezegun import freeze_time
|
||||
|
||||
from lemur.tests.vectors import CSR_STR
|
||||
@ -146,3 +147,32 @@ def test_signature_hash(app):
|
||||
|
||||
with pytest.raises(Exception):
|
||||
signature_hash('sdfdsf')
|
||||
|
||||
|
||||
def test_issuer_plugin_create_certificate():
|
||||
import requests_mock
|
||||
from lemur.plugins.lemur_digicert.plugin import DigiCertIssuerPlugin
|
||||
|
||||
pem_fixture = """\
|
||||
-----BEGIN CERTIFICATE-----
|
||||
abc
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
def
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
ghi
|
||||
-----END CERTIFICATE-----
|
||||
"""
|
||||
|
||||
subject = DigiCertIssuerPlugin()
|
||||
adapter = requests_mock.Adapter()
|
||||
adapter.register_uri('POST', 'mock://www.digicert.com/services/v2/order/certificate/ssl', text=json.dumps({'id': 'id123'}))
|
||||
adapter.register_uri('GET', 'mock://www.digicert.com/services/v2/order/certificate/id123', text=json.dumps({'status': 'issued', 'certificate': {'id': 'cert123'}}))
|
||||
adapter.register_uri('GET', 'mock://www.digicert.com/services/v2/certificate/cert123/download/format/pem_all', text=pem_fixture)
|
||||
subject.session.mount('mock', adapter)
|
||||
|
||||
cert, intermediate = subject.create_certificate("", {'common_name': 'test.com'})
|
||||
|
||||
assert cert == "-----BEGIN CERTIFICATE-----\nabc\n-----END CERTIFICATE-----"
|
||||
assert intermediate == "-----BEGIN CERTIFICATE-----\ndef\n-----END CERTIFICATE-----"
|
||||
|
@ -68,11 +68,10 @@ LEMUR_INSTANCE_PROFILE = 'Lemur'
|
||||
# CLOUDCA_DEFAULT_VALIDITY = 2
|
||||
|
||||
|
||||
DIGICERT_URL = 'https://www.digicert.com'
|
||||
DIGICERT_URL = 'mock://www.digicert.com'
|
||||
DIGICERT_API_KEY = 'api-key'
|
||||
DIGICERT_ORG_ID = 111111
|
||||
DIGICERT_ROOT = "ROOT"
|
||||
DIGICERT_INTERMEDIATE = "INTERMEDIATE"
|
||||
|
||||
|
||||
VERISIGN_URL = 'http://example.com'
|
||||
|
Loading…
Reference in New Issue
Block a user