Add --out option to service, host and cert-show to save the cert to a file.

Override forward() to grab the result and if a certificate is in the entry and the file is writable then dump the certificate in PEM format. ticket 473
2025-02-25 18:55:28 -06:00 · 2010-12-10 10:53:20 -05:00
parent c9807f4b25
commit 5f8a9b9849
4 changed files with 131 additions and 1 deletions
--- a/ipalib/plugins/cert.py
+++ b/ipalib/plugins/cert.py
@@ -71,6 +71,8 @@ from ipalib import pkcs10
 from ipalib import x509
 from ipalib.plugins.virtual import *
 from ipalib.plugins.service import split_principal
+from ipalib.plugins.service import make_pem, check_writable_file
+from ipalib.plugins.service import write_certificate
 import base64
 import logging
 import traceback
@@ -414,6 +416,12 @@ class cert_show(VirtualCommand):
        ),
    )

+    takes_options = (
+        Str('out?',
+            doc=_('file to store certificate in'),
+        ),
+    )
+
    operation="retrieve certificate"

    def execute(self, serial_number):
@@ -443,6 +451,20 @@ class cert_show(VirtualCommand):

        return dict(result=result)

+    def forward(self, *keys, **options):
+        if 'out' in options:
+            check_writable_file(options['out'])
+            result = super(cert_show, self).forward(*keys, **options)
+            if 'usercertificate' in result['result']:
+                write_certificate(result['result']['usercertificate'][0], options['out'])
+                result['summary'] = _('Certificate stored in file \'%(file)s\'') % dict(file=options['out'])
+                return result
+            else:
+                raise errors.NoCertificateError(entry=keys[-1])
+        else:
+            return super(cert_show, self).forward(*keys, **options)
+
+
 api.register(cert_show)