Add CN and L options to get-csr action
Add the common_name and locality option(s) for when creating new Certificate Signing Requests. Closes-Bug: 1882599 Change-Id: I1900b942ed6a409252b35c539c70226c32ed53e3
This commit is contained in:
parent
dc9a20cdea
commit
7916e44f1c
|
@ -29,6 +29,14 @@ get-csr:
|
|||
type: string
|
||||
description: >-
|
||||
The OU (OrganizationalUnit) values in the subject field of the CSR.
|
||||
common-name:
|
||||
type: string
|
||||
description: >-
|
||||
The CN (Common Name) values in the subject field of the CSR.
|
||||
locality:
|
||||
type: string
|
||||
description: >-
|
||||
The L (Locality) values in the subject field of the CSR.
|
||||
upload-signed-csr:
|
||||
description: Upload a signed csr to vault
|
||||
properties:
|
||||
|
|
|
@ -62,6 +62,8 @@ def get_intermediate_csrs(*args):
|
|||
csrs = vault_pki.get_csr(
|
||||
ttl=action_config.get('ttl'),
|
||||
country=action_config.get('country'),
|
||||
common_name=action_config.get('common-name'),
|
||||
locality=action_config.get('locality'),
|
||||
province=action_config.get('province'),
|
||||
organization=action_config.get('organization'),
|
||||
organizational_unit=action_config.get('organizational-unit'))
|
||||
|
|
|
@ -132,7 +132,8 @@ def generate_certificate(cert_type, common_name, sans, ttl, max_ttl):
|
|||
return response['data']
|
||||
|
||||
|
||||
def get_csr(ttl=None, country=None, province=None,
|
||||
def get_csr(ttl=None, common_name=None, locality=None,
|
||||
country=None, province=None,
|
||||
organization=None, organizational_unit=None):
|
||||
"""Generate a csr for the vault Intermediate Authority
|
||||
|
||||
|
@ -151,20 +152,26 @@ def get_csr(ttl=None, country=None, province=None,
|
|||
:param organizational_unit: The OU (OrganizationalUnit) values in the
|
||||
subject field of the CSR.
|
||||
:type organizational_unit: string
|
||||
:param common_name: The CN (Common_Name) values in the
|
||||
subject field of the CSR.
|
||||
:param locality: The L (Locality) values in the
|
||||
subject field of the CSR.
|
||||
:returns: Certificate signing request
|
||||
:rtype: string
|
||||
"""
|
||||
client = vault.get_local_client()
|
||||
configure_pki_backend(client, CHARM_PKI_MP)
|
||||
config = {
|
||||
'common_name': ("Vault Intermediate Certificate Authority "
|
||||
"({})".format(CHARM_PKI_MP)),
|
||||
# Year - 1 hour
|
||||
'ttl': ttl or '87599h',
|
||||
'country': country,
|
||||
'province': province,
|
||||
'ou': organizational_unit,
|
||||
'organization': organization}
|
||||
'organization': organization,
|
||||
'common_name': common_name or ("Vault Intermediate Certificate "
|
||||
"Authority " "({})".format(CHARM_PKI_MP)
|
||||
),
|
||||
'locality': locality}
|
||||
config = {k: v for k, v in config.items() if v}
|
||||
csr_info = client.write(
|
||||
'{}/intermediate/generate/internal'.format(CHARM_PKI_MP),
|
||||
|
|
|
@ -204,6 +204,7 @@ class TestLibCharmVaultPKI(unit_tests.test_utils.CharmTestCase):
|
|||
vault_pki.get_csr(
|
||||
ttl='2h',
|
||||
country='GB',
|
||||
locality='here',
|
||||
province='Kent',
|
||||
organizational_unit='My Department',
|
||||
organization='My Company'),
|
||||
|
@ -213,6 +214,7 @@ class TestLibCharmVaultPKI(unit_tests.test_utils.CharmTestCase):
|
|||
common_name=('Vault Intermediate Certificate Authority '
|
||||
'(charm-pki-local)'),
|
||||
country='GB',
|
||||
locality='here',
|
||||
organization='My Company',
|
||||
ou='My Department',
|
||||
province='Kent',
|
||||
|
|
Loading…
Reference in New Issue