summaryrefslogtreecommitdiff
path: root/src/op_mode/pki.py
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-05-26 14:02:39 +0200
committerGitHub <noreply@github.com>2024-05-26 14:02:39 +0200
commitb9cbf6cf35d100f6476dab2ae66403f64a700c37 (patch)
tree9868259a9aa3eb2dfd48dab98a87a77ecbadb4ee /src/op_mode/pki.py
parent609563d6acfeafbed46b1ac5e6bd497ce097e3bc (diff)
parentb6ee07c7efbb818787deba20116f4289853fb5c9 (diff)
downloadvyos-1x-b9cbf6cf35d100f6476dab2ae66403f64a700c37.tar.gz
vyos-1x-b9cbf6cf35d100f6476dab2ae66403f64a700c37.zip
Merge pull request #3518 from c-po/pki-t6400
op-mode: T6400: pki: unable to generate fingerprint for ACME issued certificates
Diffstat (limited to 'src/op_mode/pki.py')
-rwxr-xr-xsrc/op_mode/pki.py13
1 files changed, 5 insertions, 8 deletions
diff --git a/src/op_mode/pki.py b/src/op_mode/pki.py
index b1ca6ee29..361b60e0e 100755
--- a/src/op_mode/pki.py
+++ b/src/op_mode/pki.py
@@ -876,7 +876,7 @@ def show_certificate_authority(name=None, pem=False):
print("Certificate Authorities:")
print(tabulate.tabulate(data, headers))
-def show_certificate(name=None, pem=False):
+def show_certificate(name=None, pem=False, fingerprint_hash=None):
headers = ['Name', 'Type', 'Subject CN', 'Issuer CN', 'Issued', 'Expiry', 'Revoked', 'Private Key', 'CA Present']
data = []
certs = get_config_certificate()
@@ -897,6 +897,9 @@ def show_certificate(name=None, pem=False):
if name and pem:
print(encode_certificate(cert))
return
+ elif name and fingerprint_hash:
+ print(get_certificate_fingerprint(cert, fingerprint_hash))
+ return
ca_name = get_certificate_ca(cert, ca_certs)
cert_subject_cn = cert.subject.rfc4514_string().split(",")[0]
@@ -923,12 +926,6 @@ def show_certificate(name=None, pem=False):
print("Certificates:")
print(tabulate.tabulate(data, headers))
-def show_certificate_fingerprint(name, hash):
- cert = get_config_certificate(name=name)
- cert = load_certificate(cert['certificate'])
-
- print(get_certificate_fingerprint(cert, hash))
-
def show_crl(name=None, pem=False):
headers = ['CA Name', 'Updated', 'Revokes']
data = []
@@ -1074,7 +1071,7 @@ if __name__ == '__main__':
if args.fingerprint is None:
show_certificate(None if args.certificate == 'all' else args.certificate, args.pem)
else:
- show_certificate_fingerprint(args.certificate, args.fingerprint)
+ show_certificate(args.certificate, fingerprint_hash=args.fingerprint)
elif args.crl:
show_crl(None if args.crl == 'all' else args.crl, args.pem)
else: