Adding the ability to issue third party created CSRs

2015-12-28 22:00:29 -05:00
parent 29bcde145c
commit cabe2ae18d
5 changed files with 25 additions and 11 deletions
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@ -140,7 +140,12 @@ def mint(issuer_options):

    issuer = plugins.get(authority.plugin_name)

-    csr, private_key = create_csr(issuer_options)
+    # allow the CSR to be specified by the user
+    if not issuer_options.get('csr'):
+        csr, private_key = create_csr(issuer_options)
+    else:
+        csr = issuer_options.get('csr')
+        private_key = None

    issuer_options['creator'] = g.user.email
    cert_body, cert_chain = issuer.create_certificate(csr, issuer_options)
--- a/lemur/certificates/views.py
+++ b/lemur/certificates/views.py
@ -192,6 +192,7 @@ class CertificatesList(AuthenticatedResource):
                "owner": "bob@example.com",
                "description": "test",
                "selectedAuthority": "timetest2",
+                "csr",
                "authority": {
                    "body": "-----BEGIN...",
                    "name": "timetest2",
@ -325,6 +326,7 @@ class CertificatesList(AuthenticatedResource):
        self.reqparse.add_argument('organizationalUnit', type=str, location='json', required=True)
        self.reqparse.add_argument('owner', type=str, location='json', required=True)
        self.reqparse.add_argument('commonName', type=str, location='json', required=True)
+        self.reqparse.add_argument('csr', type=str, location='json')

        args = self.reqparse.parse_args()