generate_certs.py 1.9 KB

#!/usr/bin/env python
from simple_roaming_certificate import gencerts
import os,sys,getopt
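def _write_owner_only(path, data):
    """Write *data* to *path* in a file only its owner can read or write.

    Used for private-key material. The file is created with mode 0600
    instead of the umask default, and the final path component is not
    followed if it is a symbolic link (where the platform offers
    O_NOFOLLOW), because the default output directory is the shared /tmp.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, 'O_NOFOLLOW', 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, 'w') as f:
        # The mode passed to os.open() only applies when the file is created.
        # Tighten a pre-existing file before any key material is written;
        # this raises if the file belongs to somebody else.
        if hasattr(os, 'fchmod'):
            os.fchmod(fd, 0o600)
        f.write(data)


def main(argv):
    """Parse the command line, call gencerts() and write the results to disk.

    Options (all optional): -c country, -s state, -l locality,
    -o organisation, -u organisational unit, -n common name,
    -r CRL distribution point, -p passphrase, -d output directory,
    -b key size in bits (2048 or 4096).

    Five files are written into the output directory: rootca.pem,
    root-key.pem, server-cert.pem, server-key.pem and list.crl.
    Exits with status 2 on an unknown option or an unsupported key size.

    This is Python 2 code: option values are decoded with unicode().
    """
    c = u'GB'
    st = u'England'
    l = u'Manchester'
    o = u'WorkPlace'
    ou = u'WorkUnit'
    cn = u'Placeholder'
    crldp = u'http://placeholder/crldp'
    # NOTE(security): this default is published in the source, so it gives the
    # generated keys no real protection. It is kept for backward compatibility
    # and a warning is printed below whenever it is used.
    passphrase = b'something'
    passphrase_given = False
    # NOTE(security): /tmp is shared with every local user; pass -d to write
    # somewhere private when the keys are meant to be used.
    directory = u'/tmp'
    bits = 2048

    try:
        opts, args = getopt.getopt(argv, "c:s:l:o:u:n:r:p:d:b:")
    except getopt.GetoptError:
        # The organisational-unit switch is -u (the old text said -ou).
        print("cli.py -c <Country> -s <State> -l <Location> -o <Organisation> -u <Organisation Unit> -n <CN> -r <CRLDP> -p <password> -d <Output Directory> -b<2048|4096>")
        sys.exit(2)

    for opt, arg in opts:
        if opt == '-c':
            c = unicode(arg, "utf-8")
        elif opt == '-s':
            st = unicode(arg, "utf-8")
        elif opt == '-l':
            l = unicode(arg, "utf-8")
        elif opt == '-o':
            o = unicode(arg, "utf-8")
        elif opt == '-u':
            ou = unicode(arg, "utf-8")
        elif opt == '-n':
            cn = unicode(arg, "utf-8")
        elif opt == '-r':
            crldp = unicode(arg, "utf-8")
        elif opt == '-p':
            # NOTE(security): a passphrase given on the command line is
            # visible in the process list and in shell history.
            passphrase = arg
            passphrase_given = True
        elif opt == '-d':
            directory = unicode(arg, "utf-8")
        elif opt == '-b':
            # getopt returns strings; without the conversion the size check
            # below rejected every explicit -b value, including 2048 and 4096.
            try:
                bits = int(arg)
            except ValueError:
                bits = None  # rejected by the size check below

    # Validate before touching the filesystem so a bad -b leaves no directory
    # behind.
    if bits not in (2048, 4096):
        print("Bits must be set to 2048 or 4096")
        sys.exit(2)

    if not passphrase_given:
        sys.stderr.write("Warning: -p not given; using the built-in default "
                         "passphrase, which is public. Supply your own with -p.\n")

    if not os.path.exists(directory):
        os.makedirs(directory)

    _csrsubject, cacert, cakey_enc, csrkey_enc, servercert, crlcert = gencerts(
        c, st, l, o, ou, cn, crldp, passphrase, bits)

    # (file name, contents, holds private-key material), in the original
    # write order.
    outputs = (
        ('rootca.pem', cacert, False),
        ('root-key.pem', cakey_enc, True),
        ('server-cert.pem', servercert, False),
        ('server-key.pem', csrkey_enc, True),
        ('list.crl', crlcert, False),
    )
    for filename, data, is_private_key in outputs:
        path = os.path.join(directory, filename)
        if is_private_key:
            _write_owner_only(path, data)
        else:
            # "with" closes the file; the old bare "f.close" was a no-op.
            with open(path, 'w') as f:
                f.write(data)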
# Script entry point: pass everything after the program name to main().
if __name__ == "__main__":
    cli_args = sys.argv[1:]
    main(cli_args)