Revision 600535f0 lib/utils.py
| b/lib/utils.py | ||
|---|---|---|
| 1 | 1 |
# |
| 2 | 2 |
# |
| 3 | 3 |
|
| 4 |
# Copyright (C) 2006, 2007 Google Inc. |
|
| 4 |
# Copyright (C) 2006, 2007, 2010 Google Inc.
|
|
| 5 | 5 |
# |
| 6 | 6 |
# This program is free software; you can redistribute it and/or modify |
| 7 | 7 |
# it under the terms of the GNU General Public License as published by |
| ... | ... | |
| 3365 | 3365 |
return (key_pem, cert_pem) |
| 3366 | 3366 |
|
| 3367 | 3367 |
|
| 3368 |
def GenerateSelfSignedSslCert(filename, validity=(5 * 365)): |
|
| 3368 |
def GenerateSelfSignedSslCert(filename, common_name=constants.X509_CERT_CN, |
|
| 3369 |
validity=constants.X509_CERT_DEFAULT_VALIDITY): |
|
| 3369 | 3370 |
"""Legacy function to generate self-signed X509 certificate. |
| 3370 | 3371 |
|
| 3372 |
@type filename = str |
|
| 3373 |
@param filename = path to write certificate to |
|
| 3374 |
@type common_name: string |
|
| 3375 |
@param common_name: commonName value |
|
| 3376 |
@type validity: int |
|
| 3377 |
@param validity: validity of certificate in number of days |
|
| 3378 |
|
|
| 3371 | 3379 |
""" |
| 3372 |
(key_pem, cert_pem) = GenerateSelfSignedX509Cert(None, |
|
| 3380 |
# TODO: Investigate using the cluster name instead of X505_CERT_CN for |
|
| 3381 |
# common_name, as cluster-renames are very seldom, and it'd be nice if RAPI |
|
| 3382 |
# and node daemon certificates have the proper Subject/Issuer. |
|
| 3383 |
(key_pem, cert_pem) = GenerateSelfSignedX509Cert(common_name, |
|
| 3373 | 3384 |
validity * 24 * 60 * 60) |
| 3374 | 3385 |
|
| 3375 | 3386 |
WriteFile(filename, mode=0400, data=key_pem + cert_pem) |
Also available in: Unified diff