diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py index 81dfa8d3..a9bb60cc 100644 --- a/lemur/certificates/models.py +++ b/lemur/certificates/models.py @@ -332,9 +332,8 @@ class Certificate(db.Model): return_extensions['authority_key_identifier'] = aki - # TODO: Don't support CRLDistributionPoints yet https://github.com/Netflix/lemur/issues/662 elif isinstance(value, x509.CRLDistributionPoints): - current_app.logger.warning('CRLDistributionPoints not yet supported for clone operation.') + return_extensions['crl_distribution_points'] = {'include_crl_dp': value} # TODO: Not supporting custom OIDs yet. https://github.com/Netflix/lemur/issues/665 else: diff --git a/lemur/schemas.py b/lemur/schemas.py index b897f378..9d1836cd 100644 --- a/lemur/schemas.py +++ b/lemur/schemas.py @@ -220,6 +220,14 @@ class CertificateInfoAccessSchema(BaseExtensionSchema): return {'includeAIA': data['include_aia']} +class CRLDistributionPointsSchema(BaseExtensionSchema): + include_crl_dp = fields.String() + + @post_dump + def handle_keys(self, data): + return {'includeCRLDP': data['include_crl_dp']} + + class SubjectKeyIdentifierSchema(BaseExtensionSchema): include_ski = fields.Boolean() @@ -240,13 +248,14 @@ class NamesSchema(BaseExtensionSchema): class ExtensionSchema(BaseExtensionSchema): - basic_constraints = BasicConstraintsExtension(missing={'ca': False}) + basic_constraints = BasicConstraintsExtension() # some devices balk on default basic constraints key_usage = KeyUsageExtension() extended_key_usage = ExtendedKeyUsageExtension() subject_key_identifier = fields.Nested(SubjectKeyIdentifierSchema) sub_alt_names = fields.Nested(NamesSchema) authority_key_identifier = fields.Nested(AuthorityKeyIdentifierSchema) certificate_info_access = fields.Nested(CertificateInfoAccessSchema) + crl_distribution_points = fields.Nested(CRLDistributionPointsSchema, dump_to='cRL_distribution_points') # FIXME: Convert custom OIDs to a custom field in fields.py like other Extensions # FIXME: Remove support in UI for Critical custom extensions https://github.com/Netflix/lemur/issues/665 custom = fields.List(fields.Nested(CustomOIDSchema)) diff --git a/lemur/static/app/angular/authorities/authority/extensions.tpl.html b/lemur/static/app/angular/authorities/authority/extensions.tpl.html index ac815b07..321d2ad8 100644 --- a/lemur/static/app/angular/authorities/authority/extensions.tpl.html +++ b/lemur/static/app/angular/authorities/authority/extensions.tpl.html @@ -160,7 +160,7 @@