Merge pull request #2982 from thousandeyes/fix-cryptography-intermediate-ca
Fix intermediate CA creation on cryptography plugin
This commit is contained in:
commit
91c0432cc2
|
@ -24,7 +24,12 @@ from lemur.certificates.service import create_csr
|
||||||
def build_certificate_authority(options):
|
def build_certificate_authority(options):
|
||||||
options["certificate_authority"] = True
|
options["certificate_authority"] = True
|
||||||
csr, private_key = create_csr(**options)
|
csr, private_key = create_csr(**options)
|
||||||
cert_pem, chain_cert_pem = issue_certificate(csr, options, private_key)
|
|
||||||
|
if options.get("parent"):
|
||||||
|
# Intermediate Cert Issuance
|
||||||
|
cert_pem, chain_cert_pem = issue_certificate(csr, options, None)
|
||||||
|
else:
|
||||||
|
cert_pem, chain_cert_pem = issue_certificate(csr, options, private_key)
|
||||||
|
|
||||||
return cert_pem, private_key, chain_cert_pem
|
return cert_pem, private_key, chain_cert_pem
|
||||||
|
|
||||||
|
|
|
@ -25,6 +25,31 @@ def test_build_certificate_authority():
|
||||||
assert chain_cert_pem == ""
|
assert chain_cert_pem == ""
|
||||||
|
|
||||||
|
|
||||||
|
def test_build_intermediate_certificate_authority(authority):
|
||||||
|
from lemur.plugins.lemur_cryptography.plugin import build_certificate_authority
|
||||||
|
|
||||||
|
options = {
|
||||||
|
"key_type": "RSA2048",
|
||||||
|
"country": "US",
|
||||||
|
"state": "CA",
|
||||||
|
"location": "Example place",
|
||||||
|
"organization": "Example, Inc.",
|
||||||
|
"organizational_unit": "Example Unit",
|
||||||
|
"common_name": "Example INTERMEDIATE",
|
||||||
|
"validity_start": arrow.get("2016-12-01").datetime,
|
||||||
|
"validity_end": arrow.get("2016-12-02").datetime,
|
||||||
|
"first_serial": 1,
|
||||||
|
"serial_number": 1,
|
||||||
|
"owner": "owner@example.com",
|
||||||
|
"parent": authority
|
||||||
|
}
|
||||||
|
cert_pem, private_key_pem, chain_cert_pem = build_certificate_authority(options)
|
||||||
|
|
||||||
|
assert cert_pem
|
||||||
|
assert private_key_pem
|
||||||
|
assert chain_cert_pem == authority.authority_certificate.body
|
||||||
|
|
||||||
|
|
||||||
def test_issue_certificate(authority):
|
def test_issue_certificate(authority):
|
||||||
from lemur.tests.vectors import CSR_STR
|
from lemur.tests.vectors import CSR_STR
|
||||||
from lemur.plugins.lemur_cryptography.plugin import issue_certificate
|
from lemur.plugins.lemur_cryptography.plugin import issue_certificate
|
||||||
|
|
Loading…
Reference in New Issue