Adding the ability to issue third party created CSRs

This commit is contained in:
kevgliss 2015-12-28 22:00:29 -05:00
parent 29bcde145c
commit cabe2ae18d
5 changed files with 25 additions and 11 deletions

View File

@ -1,18 +1,11 @@
Changelog Changelog
========= =========
0.2.2 - `master` _ 0.2.1 - `master` _
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
.. note:: This version not yet released and is under active development .. note:: This version not yet released and is under active development
0.2.1 - 2015-12-14
~~~~~~~~~~~~~~~~~~
* Fixed an issue with email templates
* Fixed bug with search not refreshing values
* Cleaned up documentation, including working supervisor example (thanks rpicard!)
0.2.0 - 2015-12-02 0.2.0 - 2015-12-02
~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~

View File

@ -9,7 +9,7 @@ __title__ = "lemur"
__summary__ = ("Certificate management and orchestration service") __summary__ = ("Certificate management and orchestration service")
__uri__ = "https://github.com/Netflix/lemur" __uri__ = "https://github.com/Netflix/lemur"
__version__ = "0.2.1" __version__ = "0.2.1dev"
__author__ = "The Lemur developers" __author__ = "The Lemur developers"
__email__ = "security@netflix.com" __email__ = "security@netflix.com"

View File

@ -140,7 +140,12 @@ def mint(issuer_options):
issuer = plugins.get(authority.plugin_name) issuer = plugins.get(authority.plugin_name)
# allow the CSR to be specified by the user
if not issuer_options.get('csr'):
csr, private_key = create_csr(issuer_options) csr, private_key = create_csr(issuer_options)
else:
csr = issuer_options.get('csr')
private_key = None
issuer_options['creator'] = g.user.email issuer_options['creator'] = g.user.email
cert_body, cert_chain = issuer.create_certificate(csr, issuer_options) cert_body, cert_chain = issuer.create_certificate(csr, issuer_options)

View File

@ -192,6 +192,7 @@ class CertificatesList(AuthenticatedResource):
"owner": "bob@example.com", "owner": "bob@example.com",
"description": "test", "description": "test",
"selectedAuthority": "timetest2", "selectedAuthority": "timetest2",
"csr",
"authority": { "authority": {
"body": "-----BEGIN...", "body": "-----BEGIN...",
"name": "timetest2", "name": "timetest2",
@ -325,6 +326,7 @@ class CertificatesList(AuthenticatedResource):
self.reqparse.add_argument('organizationalUnit', type=str, location='json', required=True) self.reqparse.add_argument('organizationalUnit', type=str, location='json', required=True)
self.reqparse.add_argument('owner', type=str, location='json', required=True) self.reqparse.add_argument('owner', type=str, location='json', required=True)
self.reqparse.add_argument('commonName', type=str, location='json', required=True) self.reqparse.add_argument('commonName', type=str, location='json', required=True)
self.reqparse.add_argument('csr', type=str, location='json')
args = self.reqparse.parse_args() args = self.reqparse.parse_args()

View File

@ -48,7 +48,7 @@
</div> </div>
</div> </div>
</div> </div>
<div ng-show="certificate.authority" class="form-group"> <div class="form-group">
<label class="control-label col-sm-2"> <label class="control-label col-sm-2">
Certificate Template Certificate Template
</label> </label>
@ -110,6 +110,20 @@
</div> </div>
</div> </div>
</div> </div>
<div class="form-group"
ng-class="{'has-error': trackingForm.csr.$invalid&&trackingForm.csr.$dirty, 'has-success': !trackingForm.csr.$invalid&&trackingForm.csr.$dirty}">
<label class="control-label col-sm-2">
Certificate Signing Request (CSR)
</label>
<div class="col-sm-10">
<textarea tooltip="Values defined in the CSR will take precedence" name="certificate signing request" ng-model="certificate.csr"
placeholder="PEM encoded string..." class="form-control"
ng-pattern="/^-----BEGIN CERTIFICATE REQUEST-----/"></textarea>
<p ng-show="trackingForm.csr.$invalid && !trackingForm.csr.$pristine"
class="help-block">Enter a valid certificate signing request.</p>
</div>
</div>
<div ng-include="'angular/certificates/certificate/replaces.tpl.html'"></div> <div ng-include="'angular/certificates/certificate/replaces.tpl.html'"></div>
<div ng-include="'angular/certificates/certificate/notifications.tpl.html'"></div> <div ng-include="'angular/certificates/certificate/notifications.tpl.html'"></div>
<div ng-include="'angular/certificates/certificate/destinations.tpl.html'"></div> <div ng-include="'angular/certificates/certificate/destinations.tpl.html'"></div>