diff --git a/examples/get_cert.py b/examples/get_cert.py
index 345ebd4..22506f4 100644
--- a/examples/get_cert.py
+++ b/examples/get_cert.py
@@ -35,13 +35,23 @@ def main():
 password = environ.get('TPPPASSWORD')
 url = environ.get('TPPURL')
 zone = environ.get("ZONE")
- # connection will be chosen automatically based on what arguments are passed,
- # If token is passed Venafi Cloud connection will be used. if user, password, and URL Venafi Platform (TPP) will
- # be used. If none, test connection will be used.
- conn = Connection(url=url, token=token, user=user, password=password)
- # If your TPP server certificate signed with your own CA or available only via proxy you can specify requests vars
- conn = Connection(url=url, token=token, user=user, password=password,
- http_request_kwargs={"verify": False})
+ fake = environ.get('FAKE')
+
+ if fake:
+ # If fake set to true, test connection will be used.
+ conn = Connection(fake=True)
+ else:
+ # If your TPP server certificate signed with your own CA or available only via proxy you can specify requests vars
+ conn = Connection(url=url, token=token, user=user, password=password,
+ http_request_kwargs={"verify": False})
+ # connection will be chosen automatically based on what arguments are passed,
+ # If token is passed Venafi Cloud connection will be used. if user, password, and URL Venafi Platform (TPP) will
+ # be used.
+ conn = Connection(url=url, token=token, user=user, password=password)
+
+
+
+
 print("Trying to ping url %s" % conn)
 status = conn.ping()
diff --git a/setup.py b/setup.py
index 84440c2..222752f 100644
--- a/setup.py
+++ b/setup.py
@@ -4,7 +4,7 @@
 setup(name='vcert',
- version='0.6.5',
+ version='0.6.7',
 url="https://github.com/Venafi/vcert-python",
 packages=['vcert'],
 install_requires=['requests', 'python-dateutil>=2.6.1', 'certvalidator', 'six',
diff --git a/vcert/connection_fake.py b/vcert/connection_fake.py
index b876815..0912bea 100644
--- a/vcert/connection_fake.py
+++ b/vcert/connection_fake.py
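Review bot: In the `else` branch of `main()` in `examples/get_cert.py`, the connection built with `http_request_kwargs={"verify": False}` is immediately overwritten by the next `conn = Connection(...)`, so the first assignment is dead code, yet the example still presents disabling TLS verification as the answer to a privately signed TPP certificate. With verification off, the user, password or token would be sent to a server whose identity is never checked. If `http_request_kwargs` is forwarded to requests as the comment implies, the private-CA case is better shown as `http_request_kwargs={"verify": "/path/to/ca-bundle.pem"}` (placeholder path), kept as a commented-out alternative rather than a live assignment. Separately, `if fake:` is true for any non-empty `FAKE` value, including `false` or `0`, which the comment "If fake set to true" does not convey. `main()` starts and continues outside the hunk.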
@@ -21,7 +21,8 @@ import time
 import uuid
-from .common import CommonConnection
+from .common import (ZoneConfig, CertificateRequest, CommonConnection, Policy, log_errors, MIME_JSON, MIME_TEXT,
+ MIME_ANY, CertField, KeyType, KeyTypes)
 from .pem import parse_pem
 from cryptography.hazmat.backends import default_backend
@@ -134,6 +135,19 @@ def request_cert(self, request, zone):
 log.debug("Certificate sucessfully requested with request id %s." % request.id)
 return request
+ def read_zone_conf(self, tag):
+ policy = Policy()
+ policy.key_types = [KeyType(key_type="rsa",key_sizes=[1024, 2048, 4096, 8192])]
+ z = ZoneConfig(
+ organization=CertField(""),
+ organizational_unit=CertField(""),
+ country=CertField(""),
+ province=CertField(""),
+ locality=CertField(""),
+ policy=policy,
+ key_type=policy.key_types[0],
+ )
+ return z
 def retrieve_cert(self, certificate_request):
 log.debug("Getting certificate status for id %s" % certificate_request.id)
@@ -145,8 +159,6 @@ def retrieve_cert(self, certificate_request):
 root_ca_private_key = serialization.load_pem_private_key(ROOT_CA_KEY, password=None, backend=default_backend())
- end_entity_public_key = serialization.load_pem_public_key(
- certificate_request.public_key_pem.encode(), default_backend())
 # cn = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, certificate_request.common_name)])
 issuer = root_ca_certificate.issuer
@@ -155,7 +167,7 @@ def retrieve_cert(self, certificate_request):
 ).issuer_name(
 issuer
 ).public_key(
- end_entity_public_key
+ csr.public_key()
 ).serial_number(
 x509.random_serial_number()
 ).not_valid_before(
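Review bot: The policy returned by the new `read_zone_conf` in `vcert/connection_fake.py` lists 1024 among the accepted RSA key sizes, so any policy check exercised against the fake connection will accept a key size that is too weak for production use. Unless the permissive list is deliberate, use `key_sizes=[2048, 4096, 8192]`, or add a comment stating that the fake zone is intentionally lax. The method also ignores its `tag` argument and has no docstring; a one-liner such as `"""Return a fixed, permissive ZoneConfig for tests; tag is ignored."""` would make that explicit.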
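Review bot: In the last hunk of `retrieve_cert`, nothing visible checks the CSR's self-signature before the fake CA signs a certificate for `csr.public_key()`. `csr` is defined outside the hunk, so this may already be handled there; if it is not, a guard such as `if not csr.is_signature_valid: raise ValueError("CSR signature is invalid")` ahead of the builder chain would make the fake reject malformed requests the way a real CA does. The commented-out `# cn = x509.Name(...)` line kept as context in the previous hunk could be removed in the same pass.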