Format the cert gen helper

Use black to format this function and appease lint.

We should really use black on the full project
Zedifus 2022-03-15 18:47:49 +00:00
parent 83c692beb5
commit a6e99347af


@ -596,20 +596,20 @@ class Helpers:
def create_self_signed_cert(self, cert_dir=None): def create_self_signed_cert(self, cert_dir=None):
if cert_dir is None: if cert_dir is None:
cert_dir = os.path.join(self.config_dir, 'web', 'certs') cert_dir = os.path.join(self.config_dir, "web", "certs")
# create a directory if needed # create a directory if needed
self.ensure_dir_exists(cert_dir) self.ensure_dir_exists(cert_dir)
cert_file = os.path.join(cert_dir, 'commander.cert.pem') cert_file = os.path.join(cert_dir, "commander.cert.pem")
key_file = os.path.join(cert_dir, 'commander.key.pem') key_file = os.path.join(cert_dir, "commander.key.pem")
logger.info(f"SSL Cert File is set to: {cert_file}") logger.info(f"SSL Cert File is set to: {cert_file}")
logger.info(f"SSL Key File is set to: {key_file}") logger.info(f"SSL Key File is set to: {key_file}")
# don't create new files if we already have them. # don't create new files if we already have them.
if self.check_file_exists(cert_file) and self.check_file_exists(key_file): if self.check_file_exists(cert_file) and self.check_file_exists(key_file):
logger.info('Cert and Key files already exists, not creating them.') logger.info("Cert and Key files already exists, not creating them.")
return True return True
console.info("Generating a self signed SSL") console.info("Generating a self signed SSL")
@ -629,23 +629,33 @@ class Helpers:
cert.get_subject().O = "Crafty Controller" cert.get_subject().O = "Crafty Controller"
cert.get_subject().OU = "Server Ops" cert.get_subject().OU = "Server Ops"
cert.get_subject().CN = gethostname() cert.get_subject().CN = gethostname()
alt_names = ','.join([ f'DNS:{socket.gethostname()}', f'DNS:*.{socket.gethostname()}', 'DNS:localhost', 'DNS:*.localhost', 'DNS:127.0.0.1']).encode() alt_names = ",".join(
subjectAltNames_Ext = crypto.X509Extension(b'subjectAltName', False, alt_names) [
basicConstraints_Ext = crypto.X509Extension(b"basicConstraints", True, b"CA:false") f"DNS:{socket.gethostname()}",
f"DNS:*.{socket.gethostname()}",
"DNS:localhost",
"DNS:*.localhost",
"DNS:127.0.0.1",
]
).encode()
subjectAltNames_Ext = crypto.X509Extension(b"subjectAltName", False, alt_names)
basicConstraints_Ext = crypto.X509Extension(
b"basicConstraints", True, b"CA:false"
)
cert.add_extensions([subjectAltNames_Ext, basicConstraints_Ext]) cert.add_extensions([subjectAltNames_Ext, basicConstraints_Ext])
cert.set_serial_number(random.randint(1,255)) cert.set_serial_number(random.randint(1, 255))
cert.gmtime_adj_notBefore(0) cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(365 * 24 * 60 * 60) cert.gmtime_adj_notAfter(365 * 24 * 60 * 60)
cert.set_issuer(cert.get_subject()) cert.set_issuer(cert.get_subject())
cert.set_pubkey(k) cert.set_pubkey(k)
cert.set_version(2) cert.set_version(2)
cert.sign(k, 'sha256') cert.sign(k, "sha256")
f = open(cert_file, "w", encoding='utf-8') f = open(cert_file, "w", encoding="utf-8")
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode()) f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode())
f.close() f.close()
f = open(key_file, "w", encoding='utf-8') f = open(key_file, "w", encoding="utf-8")
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode()) f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode())
f.close() f.close()
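Review bot: The private key is still written with a plain `open(key_file, "w", encoding="utf-8")` at the end of this hunk, so the file's mode depends on the process umask and the handle is not closed if `f.write` raises; creating it with an explicit owner-only mode inside a `with` block fixes both. In the same hunk, `random.randint(1, 255)` allows only 255 serial numbers, so a regenerated certificate can repeat an issuer/serial pair a client has already stored, which some clients reject; a wide value from the OS random source avoids that. `"DNS:127.0.0.1"` is a dNSName entry, whereas clients match IP literals against iPAddress entries, so it should read `"IP:127.0.0.1"`. The function starts before the first hunk and may continue past this one, so whether the helper's callers tighten permissions afterwards is not visible here.

```python
# … unchanged: subject fields, SAN list (apart from the IP entry), extensions …
cert.set_serial_number(random.SystemRandom().getrandbits(64) or 1)
# … unchanged: validity, issuer, public key, version, signing …
with open(cert_file, "w", encoding="utf-8") as f:
    f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode())
# Owner-only mode; it applies only when the file is created, not when an
# existing file is overwritten.
key_fd = os.open(key_file, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
with os.fdopen(key_fd, "w", encoding="utf-8") as f:
    f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode())
```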