From 2c22d42a57d7ac219fbacd6480d63cbf67af0b63 Mon Sep 17 00:00:00 2001
From: sayali
Date: Fri, 23 Oct 2020 17:06:42 -0700
Subject: [PATCH 1/2] Modify description during reissue Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
---
 lemur/certificates/service.py | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/lemur/certificates/service.py b/lemur/certificates/service.py
index 1716ccb2..b90d7e47 100644
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@@ -6,6 +6,7 @@
 .. moduleauthor:: Kevin Glisson
 """
 import arrow
+import re
 from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import hashes, serialization
@@ -778,6 +779,19 @@ def reissue_certificate(certificate, replace=None, user=None):
 if replace:
 primitives["replaces"] = [certificate]
+ # Modify description to include the certificate ID being reissued and mention that this is created by Lemur
+ # as part of reissue
+ reissue_message_prefix = "Reissued by Lemur for cert ID "
+ reissue_message = re.compile(f"{reissue_message_prefix}([0-9]+)")
+ if primitives["description"]:
+ match = reissue_message.search(primitives["description"])
+ if match:
+ primitives["description"] = primitives["description"].replace(match.group(1), str(certificate.id))
+ else:
+ primitives["description"] = f"{reissue_message_prefix}{certificate.id}, {primitives['description']}"
+ else:
+ primitives["description"] = f"{reissue_message_prefix}{certificate.id}"
+
 new_cert = create(**primitives)
 return new_cert
From 392725ff309609c7695de5860a409a9f794415d0 Mon Sep 17 00:00:00 2001
From: sayali
Date: Mon, 26 Oct 2020 15:33:20 -0700
Subject: [PATCH 2/2] Add description check in reissue unit test
---
 lemur/tests/test_certificates.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index c271a97e..583022eb 100644
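Review bot: In the `if match:` branch added to reissue_certificate (lemur/certificates/service.py), `primitives["description"].replace(match.group(1), str(certificate.id))` rewrites every occurrence of the old ID's digit string anywhere in the description, not only the one after the prefix. With a constructed description such as `Reissued by Lemur for cert ID 1, renew by 2021-01-01`, the digits in the date would be rewritten as well. Replacing only the matched span avoids that: `primitives["description"] = reissue_message.sub(f"{reissue_message_prefix}{certificate.id}", primitives["description"], count=1)`. Because the description is presumably free text that users can edit, the prefix is best treated as a convenience marker and not as an authoritative record of which certificate was reissued. reissue_certificate starts before this hunk, so how `primitives` is built is not visible here.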
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -802,6 +802,7 @@ def test_reissue_certificate(
 assert new_cert.organization != certificate.organization
 # Check for default value since authority does not have cab_compliant option set
 assert new_cert.organization == LEMUR_DEFAULT_ORGANIZATION
+ assert new_cert.description.startswith(f"Reissued by Lemur for cert ID {certificate.id}")
 # update cab_compliant option to false for crypto_authority to maintain subject details
 update_options(crypto_authority.id, '[{"name": "cab_compliant","value":false}]')
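Review bot: The added `startswith` assertion only pins the prefix, so it would still pass if the rest of the description were altered by the `if match:` rewrite branch in reissue_certificate. As far as this hunk shows, that branch (a certificate whose description already starts with `Reissued by Lemur for cert ID N`) is not exercised at all. Reissuing `new_cert` once more, then asserting that the prefix carries `new_cert.id` and that the text after the prefix is unchanged, would cover it. test_reissue_certificate begins before and continues after this hunk, so this may already be checked outside the visible lines.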