From ecc0934657148e94ce29994233ca331574e601b0 Mon Sep 17 00:00:00 2001
From: kevgliss
Date: Mon, 4 Dec 2017 10:04:12 -0800
Subject: [PATCH] Adding cli command to clear out pending symantec certificates. (#1009)
---
 lemur/certificates/cli.py | 10 +++++++++
 lemur/plugins/lemur_verisign/plugin.py | 28 +++++++++++++++++++++++++-
 2 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/lemur/certificates/cli.py b/lemur/certificates/cli.py
index 69fdbafc..7bebfc97 100644
--- a/lemur/certificates/cli.py
+++ b/lemur/certificates/cli.py
@@ -285,6 +285,16 @@ def worker(data, commit, reason):
 )
+@manager.command
+def clear_pending():
+ """
+ Function clears all pending certificates.
+ :return:
+ """
+ v = plugins.get('verisign-issuer')
+ v.clear_pending_certificates()
+
+
 @manager.option('-p', '--path', dest='path', help='Absolute file path to a Lemur query csv.')
 @manager.option('-r', '--reason', dest='reason', help='Reason to revoke certificate.')
 @manager.option('-c', '--commit', dest='commit', action='store_true', default=False, help='Persist changes.')
diff --git a/lemur/plugins/lemur_verisign/plugin.py b/lemur/plugins/lemur_verisign/plugin.py
index c4a484a5..d02fd8e5 100644
--- a/lemur/plugins/lemur_verisign/plugin.py
+++ b/lemur/plugins/lemur_verisign/plugin.py
@@ -21,7 +21,6 @@ from lemur.plugins.bases import IssuerPlugin, SourcePlugin
 from lemur.common.utils import get_psuedo_random_string
-
 # https://support.venafi.com/entries/66445046-Info-VeriSign-Error-Codes
 VERISIGN_ERRORS = {
 "0x30c5": "Domain Mismatch when enrolling for an SSL certificate, a domain in your request has not been added to verisign",
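Review bot: `clear_pending` in lemur/certificates/cli.py starts a bulk rejection of pending orders as soon as it is invoked, with no confirmation or dry-run, whereas the command directly below it in the same hunk takes `-c/--commit` with `default=False` before it persists anything. Consider giving it the same `--commit` option and, when the flag is absent, only listing the order ids that would be rejected. The docstring says it clears "all pending certificates", but the body only calls the `verisign-issuer` plugin; `"""Reject pending certificate orders held by the verisign-issuer plugin."""` would describe what the visible code does.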
@@ -241,6 +240,33 @@ class VerisignIssuerPlugin(IssuerPlugin):
 response = self.session.post(url, data=data)
 return response.json()['certificateSummary'][0]['Pending']
+ def clear_pending_certificates(self):
+ """
+ Uses Verisign to clear the pending certificates awaiting approval.
+
+ :return:
+ """
+ url = current_app.config.get('VERISIGN_URL') + '/reportingws'
+
+ end = arrow.now()
+ start = end.replace(days=-7)
+
+ data = {
+ 'reportType': 'detail',
+ 'certProductType': 'Server',
+ 'certStatus': 'Pending',
+ 'startDate': start.format("MM/DD/YYYY"),
+ 'endDate': end.format("MM/DD/YYYY")
+ }
+ response = self.session.post(url, data=data)
+
+ url = current_app.config.get('VERISIGN_URL') + '/rest/services/reject'
+ for order_id in response.json()['orderNumber']:
+ response = self.session.get(url, params={'transaction_id': order_id})
+
+ if response.status_code == 200:
+ print("Rejecting certificate. TransactionId: {}".format(order_id))
+
 class VerisignSourcePlugin(SourcePlugin):
 title = 'Verisign'
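Review bot: Failures are invisible in `clear_pending_certificates`: the report response is indexed with `response.json()['orderNumber']` without a status check, and a reject call that does not return 200 produces no output, so an operator can believe pending orders were rejected when they were not. Suggest checking the report status and recording each outcome through the application logger rather than `print`, so the run leaves an audit trail. The method rejects every pending Server order the report returns for the last seven days, which is narrower than the docstring's "the pending certificates" and, as far as the hunk shows, is not limited to orders Lemur created; the docstring should state both. The sketch below assumes `self.session` is a requests session, as its use in the hunk suggests.

```python
        # … unchanged: report URL, seven-day window and request payload …
        response = self.session.post(url, data=data)
        response.raise_for_status()

        url = current_app.config.get('VERISIGN_URL') + '/rest/services/reject'
        for order_id in response.json()['orderNumber']:
            response = self.session.get(url, params={'transaction_id': order_id})

            if response.status_code == 200:
                current_app.logger.info(
                    "Rejected pending certificate. TransactionId: {}".format(order_id))
            else:
                current_app.logger.error(
                    "Failed to reject pending certificate. TransactionId: {0} Status: {1}".format(
                        order_id, response.status_code))
```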