diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-01-07 07:25:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-07 07:25:58 +0100 |
| commit | dff740f3cfb57757146d465d994499c552876359 (patch) | |
| tree | 6ad08283c75363f154fc8d1567b4a16bee8dd878 /src/op_mode | |
| parent | 31d824d9b6bce13ea8fa2a838d47cdf24b345fb1 (diff) | |
| parent | 9ab6665c80c30bf446d94620fc9d85b052d48072 (diff) | |
| download | vyos-1x-dff740f3cfb57757146d465d994499c552876359.tar.gz vyos-1x-dff740f3cfb57757146d465d994499c552876359.zip | |
Merge pull request #2758 from c-po/certbot-T5886
pki: T5886: add support for ACME protocol (LetsEncrypt)
Diffstat (limited to 'src/op_mode')
| -rwxr-xr-x | src/op_mode/pki.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/op_mode/pki.py b/src/op_mode/pki.py index 6c854afb5..ad2c1ada0 100755 --- a/src/op_mode/pki.py +++ b/src/op_mode/pki.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2021-2023 VyOS maintainers and contributors +# Copyright (C) 2021-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -25,6 +25,7 @@ from cryptography import x509 from cryptography.x509.oid import ExtendedKeyUsageOID from vyos.config import Config +from vyos.config import config_dict_mangle_acme from vyos.pki import encode_certificate, encode_public_key, encode_private_key, encode_dh_parameters from vyos.pki import get_certificate_fingerprint from vyos.pki import create_certificate, create_certificate_request, create_certificate_revocation_list @@ -79,9 +80,14 @@ def get_config_certificate(name=None): if not conf.exists(base + ['private', 'key']) or not conf.exists(base + ['certificate']): return False - return conf.get_config_dict(base, key_mangling=('-', '_'), + pki = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True, no_tag_node_value_mangle=True) + if pki: + for certificate in pki: + pki[certificate] = config_dict_mangle_acme(certificate, pki[certificate]) + + return pki def get_certificate_ca(cert, ca_certs): # Find CA certificate for given certificate @@ -1073,7 +1079,9 @@ if __name__ == '__main__': show_crl(None if args.crl == 'all' else args.crl, args.pem) else: show_certificate_authority() + print('\n') show_certificate() + print('\n') show_crl() except KeyboardInterrupt: print("Aborted") |