#!/usr/bin/env python2import reimport sysimport subprocessdef which(progra

1. #!/usr/bin/env python2
2.  
3. import re
4. import sys
5. import subprocess
6.  
7. def which(program):
8. import os
9. def is_exe(fpath):
10. return os.path.isfile(fpath) and os.access(fpath, os.X_OK)
11.  
12. fpath, fname = os.path.split(program)
13. if fpath:
14. if is_exe(program):
15. return program
16. else:
17. for path in os.environ["PATH"].split(os.pathsep):
18. exe_file = os.path.join(path, program)
19. if is_exe(exe_file):
20. return exe_file
21.  
22. return None
23.  
24.  
25. i=0
26. ips_str=''
27. for val in sys.argv:
28. m = re.search(r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$',val)
29. if m:
30. i+=1
31. ips_str += 'IP.'+str(i)+' = '+str(m.group(0))+'\n'
32.  
33. if i==0:
34. print 'Usage:\t '+sys.argv[0]+' 127.0.0.1 192.168.88.1\n'
35. exit()
36.  
37. if which('openssl') is None:
38. print 'openssl is required'
39. exit()
40.  
41.  
42. subprocess.call(['openssl', 'genrsa', '-out', 'server.key', '2048'])
43. subprocess.call(['openssl', 'req', '-new', '-key', 'server.key', '-out', 'server.csr'])
44. subprocess.call(['openssl', 'x509', '-req', '-days 765', '-in', 'server.csr', '-signkey', 'server.key', '-out', 'server.crt'])
45. subprocess.call(['openssl', 'pkcs12', '-export', '-in', 'server.crt', '-inkey', 'server.key', '-out', 'server.pfx'])
46. subprocess.call(['openssl', 'req', '-text', '-noout', '-in', 'server.csr'])
47. subprocess.call(['openssl', 'req','-new', '-key','server.key', '-out','server.csr'])
48.  
49.  
50. with open('/etc/ssl/openssl.cnf', 'r') as content_file:
51. content = content_file.read()
52.  
53.  
54. content=re.sub(re.compile('\n(.*)(req_extensions.*)\n', re.MULTILINE),'\\2',content)
55. content=re.sub(re.compile('(\[\s+v3_req\s+\])(.*)\n', re.MULTILINE),'\\1\\2\nsubjectAltName = @alt_names\n',content)
56. content=re.sub(re.compile('\n(.*)(\[\s+v3_ca\s+\])(.*)\n', re.MULTILINE),'\n[alt_names]\n'+ips_str+'\n\\1\\2\\3',content)
57.  
58. with open("openssl.cnf", "w") as text_file:
59. text_file.write(content)
60.  
61. subprocess.call(['openssl', 'req', '-new', '-key', 'server.key', '-out', 'server.csr', '-config', 'openssl.cnf'])
62. subprocess.call(['openssl', 'x509', '-req', '-days', '765', '-in', 'server.csr', '-signkey', 'server.key', '-out', 'server.crt'])
63. subprocess.call(['openssl', 'x509', '-req', '-days', '765', '-in', 'server.csr', '-signkey', 'server.key', '-out', 'server.crt', '-extensions', 'v3_req', '-extfile', 'openssl.cnf'])