Utilize the new dogtag library for retrieving the CA cert chain

Rob Crittenden
2009-04-22 14:36:51 -04:00
parent 8424ea8c03
commit 0dfb451c3f


@@ -35,6 +35,7 @@ import httplib
import urllib import urllib
import xml.dom.minidom import xml.dom.minidom
import stat import stat
from ipapython import dogtag
from nss.error import NSPRError from nss.error import NSPRError
import nss.nss as nss import nss.nss as nss
@@ -690,21 +691,9 @@ class CAInstance(service.Service):
stdout, stderr = self.__run_certutil(["-N"]) stdout, stderr = self.__run_certutil(["-N"])
def __get_ca_chain(self): def __get_ca_chain(self):
conn = httplib.HTTPConnection(self.host_name, 9180) try:
conn.request("GET", "/ca/ee/ca/getCertChain") return dogtag.get_ca_certchain()
res = conn.getresponse() except:
if res.status == 200:
data = res.read()
doc = xml.dom.minidom.parseString(data)
item_node = doc.getElementsByTagName("ChainBase64")
chain = item_node[0].childNodes[0].data
doc.unlink()
conn.close()
return chain
else:
conn.close()
raise RuntimeError("Unable to retrieve CA chain") raise RuntimeError("Unable to retrieve CA chain")
def __create_ca_agent_pkcs12(self): def __create_ca_agent_pkcs12(self):
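Review bot: The bare `except:` in the new `__get_ca_chain` body catches everything, including KeyboardInterrupt and SystemExit, and replaces whatever `dogtag.get_ca_certchain()` raised with a generic RuntimeError, so a refused connection, a bad response and a parsing error all look the same to the caller. The chain fetched here is presumably what ends up trusted as the CA, so the reason it could not be retrieved is worth keeping: `except Exception, e:` followed by `raise RuntimeError("Unable to retrieve CA chain: %s" % str(e))`. The call also no longer passes `self.host_name`, so it depends on the library's defaults for host and port, which are not visible in this diff; confirm they resolve to this instance's CA rather than to another configured server.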