#
#
-# Copyright (C) 2006, 2007, 2010, 2011 Google Inc.
+# Copyright (C) 2006, 2007, 2010, 2011, 2012 Google Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# Depending on the pyOpenSSL version, this can just return (None, None)
(not_before, not_after) = GetX509CertValidity(cert)
+ now = time.time() + constants.NODE_MAX_CLOCK_SKEW
+
return _VerifyCertificateInner(cert.has_expired(), not_before, not_after,
- time.time(), warn_days, error_days)
+ now, warn_days, error_days)
def SignX509Certificate(cert, key, salt):
@param common_name: commonName value
@type validity: int
@param validity: Validity for certificate in seconds
+ @return: a tuple of strings containing the PEM-encoded private key and
+ certificate
"""
# Create private and public key
@param common_name: commonName value
@type validity: int
@param validity: validity of certificate in number of days
+ @return: a tuple of strings containing the PEM-encoded private key and
+ certificate
"""
# TODO: Investigate using the cluster name instead of X505_CERT_CN for
validity * 24 * 60 * 60)
utils_io.WriteFile(filename, mode=0400, data=key_pem + cert_pem)
+ return (key_pem, cert_pem)