support for cross-signed subCA

This commit is contained in:
Hossein Shafagh 2021-01-15 16:49:14 -08:00
parent 88e587af11
commit fef7c7a907
1 changed files with 4 additions and 1 deletions

View File

@ -9,7 +9,7 @@ from lemur.constants import CRLReason
from lemur.plugins import lemur_entrust as entrust from lemur.plugins import lemur_entrust as entrust
from lemur.plugins.bases import IssuerPlugin, SourcePlugin from lemur.plugins.bases import IssuerPlugin, SourcePlugin
from lemur.extensions import metrics from lemur.extensions import metrics
from lemur.common.utils import validate_conf from lemur.common.utils import validate_conf, get_key_type_from_certificate
def log_status_code(r, *args, **kwargs): def log_status_code(r, *args, **kwargs):
@ -251,6 +251,9 @@ class EntrustIssuerPlugin(IssuerPlugin):
else: else:
chain = response_dict['chainCerts'][1] chain = response_dict['chainCerts'][1]
if current_app.config.get("ENTRUST_CROSS_SIGNED_RSA") and get_key_type_from_certificate(cert) == "RSA2048":
chain = current_app.config.get("ENTRUST_CROSS_SIGNED_RSA")
log_data["message"] = "Received Chain" log_data["message"] = "Received Chain"
log_data["options"] = f"chain: {chain}" log_data["options"] = f"chain: {chain}"
current_app.logger.info(log_data) current_app.logger.info(log_data)