|
@@ -13,11 +13,12 @@ def main(argv):
|
|
|
crldp=u'http://placeholder/crldp'
|
|
|
passphrase=b'something'
|
|
|
directory=u'/tmp'
|
|
|
+ bits=2048
|
|
|
|
|
|
try:
|
|
|
- opts, args = getopt.getopt(argv,"c:s:l:o:u:n:r:p:d:")
|
|
|
+ opts, args = getopt.getopt(argv,"c:s:l:o:u:n:r:p:d:b:")
|
|
|
except getopt.GetoptError:
|
|
|
- print "cli.py -c <County> -s <State> -l <Location> -o <Organisation> -ou <Organisation Unit> -n <CN> -r <CRLDP> -p <password> -d <Output Directory>"
|
|
|
+ print "cli.py -c <County> -s <State> -l <Location> -o <Organisation> -ou <Organisation Unit> -n <CN> -r <CRLDP> -p <password> -d <Output Directory> -b<2048|4096>"
|
|
|
sys.exit(2)
|
|
|
for opt, arg in opts:
|
|
|
if opt == '-c':
|
|
@@ -38,11 +39,17 @@ def main(argv):
|
|
|
passphrase=arg
|
|
|
if opt == '-d':
|
|
|
directory=unicode(arg, "utf-8")
|
|
|
+ if opt == '-b':
|
|
|
+ bits=arg
|
|
|
|
|
|
if not os.path.exists(directory):
|
|
|
os.makedirs(directory)
|
|
|
-
|
|
|
- csrsubject, cacert, cakey_enc, csrkey_enc, servercert, csrcert, crlcert = gencerts(c,st,l,o,ou,cn,crldp,passphrase)
|
|
|
+
|
|
|
+ if not ( ( bits == 2048 ) or ( bits == 4096 ) ):
|
|
|
+ print "Bits must be set to 2048 or 4096"
|
|
|
+ sys.exit(2)
|
|
|
+
|
|
|
+ csrsubject, cacert, cakey_enc, csrkey_enc, servercert, csrcert, crlcert = gencerts(c,st,l,o,ou,cn,crldp,passphrase,bits)
|
|
|
|
|
|
with open (directory + '/rootca.pem','w') as f:
|
|
|
f.write(cacert)
|