diff options
author | Seth Vidal <skvidal@fedoraproject.org> | 2007-09-25 16:16:49 -0400 |
---|---|---|
committer | Seth Vidal <skvidal@fedoraproject.org> | 2007-09-25 16:16:49 -0400 |
commit | 0cab664634d76d771eb88b33b1d94238c2c9a9df (patch) | |
tree | 7f5ff6ac7c9cfdc8c5b2a4c79138ae5bf4161862 /func/certmaster.py | |
parent | 4d36563e61ab0d0b6617aae18c9a6962701c6c59 (diff) | |
download | func-0cab664634d76d771eb88b33b1d94238c2c9a9df.tar.gz func-0cab664634d76d771eb88b33b1d94238c2c9a9df.tar.xz func-0cab664634d76d771eb88b33b1d94238c2c9a9df.zip |
make certmaster auto-create the ca key and cert on startup, if they are not present
Diffstat (limited to 'func/certmaster.py')
-rwxr-xr-x | func/certmaster.py | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/func/certmaster.py b/func/certmaster.py index 59bfd36..b12ecdb 100755 --- a/func/certmaster.py +++ b/func/certmaster.py @@ -61,12 +61,22 @@ class CertMaster(object): else: self.cfg.autosign = False self.cfg.listen_port = int(self.cfg.listen_port) + self.ca_key_file = '%s/funcmaster.key' % self.cfg.cadir + self.ca_cert_file = '%s/funcmaster.crt' % self.cfg.cadir + try: + if not os.path.exists(self.cfg.cadir): + os.makedirs(self.cfg.cadir) + # fixme - should we creating these separately? + if not os.path.exists(self.ca_key_file) and not os.path.exists(self.ca_cert_file): + func.certs.create_ca(ca_key_file=self.ca_key_file, ca_cert_file=self.ca_cert_file) + except (IOError, OsError), e: + print 'Cannot make certmaster certificate authority keys/certs, aborting: %s' % e + sys.exit(1) + # open up the cakey and cacert so we have them available - ca_key_file = '%s/funcmaster.key' % self.cfg.cadir - ca_cert_file = '%s/funcmaster.crt' % self.cfg.cadir - self.cakey = func.certs.retrieve_key_from_file(ca_key_file) - self.cacert = func.certs.retrieve_cert_from_file(ca_cert_file) + self.cakey = func.certs.retrieve_key_from_file(self.ca_key_file) + self.cacert = func.certs.retrieve_cert_from_file(self.ca_cert_file) for dirpath in [self.cfg.cadir, self.cfg.certroot, self.cfg.csrroot]: if not os.path.exists(dirpath): |