mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Utilize the new dogtag library for retrieving the CA cert chain
This commit is contained in:
parent
8424ea8c03
commit
0dfb451c3f
@ -35,6 +35,7 @@ import httplib
|
||||
import urllib
|
||||
import xml.dom.minidom
|
||||
import stat
|
||||
from ipapython import dogtag
|
||||
|
||||
from nss.error import NSPRError
|
||||
import nss.nss as nss
|
||||
@ -690,21 +691,9 @@ class CAInstance(service.Service):
|
||||
stdout, stderr = self.__run_certutil(["-N"])
|
||||
|
||||
def __get_ca_chain(self):
|
||||
conn = httplib.HTTPConnection(self.host_name, 9180)
|
||||
conn.request("GET", "/ca/ee/ca/getCertChain")
|
||||
res = conn.getresponse()
|
||||
if res.status == 200:
|
||||
data = res.read()
|
||||
|
||||
doc = xml.dom.minidom.parseString(data)
|
||||
item_node = doc.getElementsByTagName("ChainBase64")
|
||||
chain = item_node[0].childNodes[0].data
|
||||
doc.unlink()
|
||||
conn.close()
|
||||
|
||||
return chain
|
||||
else:
|
||||
conn.close()
|
||||
try:
|
||||
return dogtag.get_ca_certchain()
|
||||
except:
|
||||
raise RuntimeError("Unable to retrieve CA chain")
|
||||
|
||||
def __create_ca_agent_pkcs12(self):
|
||||
|
Loading…
Reference in New Issue
Block a user