Adding cli command to clear out pending symantec certificates. (#1009)

This commit is contained in:
kevgliss 2017-12-04 10:04:12 -08:00 committed by GitHub
parent c402f1ff87
commit ecc0934657
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 37 additions and 1 deletions

View File

@ -285,6 +285,16 @@ def worker(data, commit, reason):
) )
@manager.command
def clear_pending():
"""
Function clears all pending certificates.
:return:
"""
v = plugins.get('verisign-issuer')
v.clear_pending_certificates()
@manager.option('-p', '--path', dest='path', help='Absolute file path to a Lemur query csv.') @manager.option('-p', '--path', dest='path', help='Absolute file path to a Lemur query csv.')
@manager.option('-r', '--reason', dest='reason', help='Reason to revoke certificate.') @manager.option('-r', '--reason', dest='reason', help='Reason to revoke certificate.')
@manager.option('-c', '--commit', dest='commit', action='store_true', default=False, help='Persist changes.') @manager.option('-c', '--commit', dest='commit', action='store_true', default=False, help='Persist changes.')

View File

@ -21,7 +21,6 @@ from lemur.plugins.bases import IssuerPlugin, SourcePlugin
from lemur.common.utils import get_psuedo_random_string from lemur.common.utils import get_psuedo_random_string
# https://support.venafi.com/entries/66445046-Info-VeriSign-Error-Codes # https://support.venafi.com/entries/66445046-Info-VeriSign-Error-Codes
VERISIGN_ERRORS = { VERISIGN_ERRORS = {
"0x30c5": "Domain Mismatch when enrolling for an SSL certificate, a domain in your request has not been added to verisign", "0x30c5": "Domain Mismatch when enrolling for an SSL certificate, a domain in your request has not been added to verisign",
@ -241,6 +240,33 @@ class VerisignIssuerPlugin(IssuerPlugin):
response = self.session.post(url, data=data) response = self.session.post(url, data=data)
return response.json()['certificateSummary'][0]['Pending'] return response.json()['certificateSummary'][0]['Pending']
def clear_pending_certificates(self):
"""
Uses Verisign to clear the pending certificates awaiting approval.
:return:
"""
url = current_app.config.get('VERISIGN_URL') + '/reportingws'
end = arrow.now()
start = end.replace(days=-7)
data = {
'reportType': 'detail',
'certProductType': 'Server',
'certStatus': 'Pending',
'startDate': start.format("MM/DD/YYYY"),
'endDate': end.format("MM/DD/YYYY")
}
response = self.session.post(url, data=data)
url = current_app.config.get('VERISIGN_URL') + '/rest/services/reject'
for order_id in response.json()['orderNumber']:
response = self.session.get(url, params={'transaction_id': order_id})
if response.status_code == 200:
print("Rejecting certificate. TransactionId: {}".format(order_id))
class VerisignSourcePlugin(SourcePlugin): class VerisignSourcePlugin(SourcePlugin):
title = 'Verisign' title = 'Verisign'