
Untitled

a guest
Feb 14th, 2016
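#!/usr/bin/env python
"""Create an RSA private key and a self-signed x509 certificate per domain.

For every DOMAIN given on the command line this writes ``DOMAIN.key`` and
``DOMAIN.crt`` into ``--outdir`` by driving the ``openssl`` command line
tool.  Existing files are kept unless ``--overwrite`` is given.

The private key is generated without a passphrase, so the file permissions
set by this script are its only protection on disk.
"""

import os
import pexpect

from argparse import ArgumentParser, ArgumentTypeError

ALLOWED_DIGESTS = [
    'sha256',
    'sha384',
    'sha512',
]

# Seconds to wait for `openssl genrsa` (the default timeout of pexpect.run()).
KEYGEN_TIMEOUT = 30
# Seconds to wait for each prompt of `openssl req`.
REQ_TIMEOUT = 2


def _positive_int(text):
    """argparse type: parse *text* as an integer greater than zero."""
    try:
        value = int(text)
    except ValueError:
        raise ArgumentTypeError('%r is not an integer' % text)
    if value <= 0:
        raise ArgumentTypeError('%r is not a positive integer' % text)
    return value


def _domain(text):
    """argparse type: accept *text* only if it is safe as a file name stem.

    The domain becomes part of the output paths, so path separators would
    let it escape --outdir, and a leading '-' could be read as an option.
    """
    separators = [sep for sep in (os.sep, os.altsep) if sep]
    if (not text or text.startswith('-')
            or any(sep in text for sep in separators)):
        raise ArgumentTypeError('%r is not a usable domain name' % text)
    return text


def _build_parser():
    """Return the command line parser of this script."""
    # The text is the description; passed positionally it would become `prog`.
    parser = ArgumentParser(
        description='Create x509 certificates for some custom domains')

    # domains to process
    parser.add_argument(
        'domains',
        metavar='DOMAIN',
        type=_domain,
        help='domains to create certificates for.',
        nargs='+'
    )

    # output location and overwrite policy
    parser.add_argument('--outdir', action='store', default='.',
                        help='Output Directory for all files')
    parser.add_argument('--overwrite', action='store_true',
                        help='Overwrite existing files?')

    # technical certificate parameters; all of them end up on the openssl
    # command line, so they are validated here instead of passed through.
    # NOTE(review): no minimum is enforced for --keylen; consider a floor.
    parser.add_argument('--keylen', action='store', type=_positive_int,
                        default=4096, help='length of private key')
    parser.add_argument('--digest', action='store',
                        choices=ALLOWED_DIGESTS, default=ALLOWED_DIGESTS[0],
                        help='digest to use for cert. can be: %s'
                        % ', '.join(ALLOWED_DIGESTS))
    parser.add_argument('--days', action='store', type=_positive_int,
                        default=365,
                        help='number of days the certificate is valid')

    # certificate subject fields
    parser.add_argument('--country', action='store', required=True,
                        help='Country Name (2 letter country code)')
    parser.add_argument('--state', action='store', required=True,
                        help='State or Province Name')
    parser.add_argument('--locality', action='store', required=True,
                        help='Locality Name')
    parser.add_argument('--company', action='store', required=True,
                        help='Company or Organization Name')
    parser.add_argument('--unit', action='store', required=True,
                        help='Organizational Unit')
    parser.add_argument('--email', action='store', required=True,
                        help='Admin email address')
    return parser


def _run_openssl(argv, dialogue=(), timeout=KEYGEN_TIMEOUT):
    """Run ``openssl`` with *argv*, answering the prompts in *dialogue*.

    *dialogue* is a sequence of (prompt regex, answer) pairs handled in
    order.  Raises RuntimeError if openssl does not exit with status 0.
    """
    # An argument list is used instead of a formatted command string, so
    # values containing whitespace or quotes stay a single argument.
    child = pexpect.spawn('openssl', argv, timeout=timeout)
    try:
        for prompt, answer in dialogue:
            child.expect(prompt)
            child.sendline(answer)
        child.expect(pexpect.EOF)
        output = child.before
    finally:
        child.close()
    if child.exitstatus != 0:
        if isinstance(output, bytes):
            output = output.decode('utf-8', 'replace')
        raise RuntimeError(
            'openssl exited unexpectedly\n--------------------------\n'
            + output)


def _should_write(path, overwrite):
    """Report what happens to *path* and return True if it must be written."""
    exists = os.path.isfile(path)
    if exists and not overwrite:
        print('Skipping "%s". Already exists.' % path)
        return False
    print('%s "%s". ' % ('Overwriting' if exists else 'Creating', path))
    return True


def _create_key(keyfile, keylen):
    """Generate an RSA private key of *keylen* bits into *keyfile*."""
    # Restrictive umask so a newly created key is never group/world readable.
    previous_umask = os.umask(0o077)
    try:
        _run_openssl(['genrsa', '-out', keyfile, str(keylen)])
    finally:
        os.umask(previous_umask)
    # An overwritten file keeps its old mode, so tighten it explicitly.
    os.chmod(keyfile, 0o600)


def _create_cert(keyfile, certfile, domain, args):
    """Create a self-signed certificate for *domain* signed with *keyfile*."""
    dialogue = [
        ('Country Name.*:', args.country),
        ('State or Province Name.*:', args.state),
        ('Locality Name.*:', args.locality),
        ('Organization Name.*:', args.company),
        ('Organizational Unit.*:', args.unit),
        ('Common Name.*:', domain),
        ('Email Address.*:', args.email),
    ]
    _run_openssl(
        ['req', '-new', '-x509', '-key', keyfile, '-days', str(args.days),
         '-' + args.digest, '-out', certfile],
        dialogue=dialogue,
        timeout=REQ_TIMEOUT,
    )


def main():
    """Create the key and the certificate for every requested domain."""
    args = _build_parser().parse_args()

    for domain in args.domains:
        keyfile = os.path.join(args.outdir, '%s.key' % domain)
        if _should_write(keyfile, args.overwrite):
            _create_key(keyfile, args.keylen)

        certfile = os.path.join(args.outdir, '%s.crt' % domain)
        if _should_write(certfile, args.overwrite):
            _create_cert(keyfile, certfile, domain, args)


if __name__ == '__main__':
    main()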