Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python2
- import re
- import sys
- import subprocess
- def which(program):
- import os
- def is_exe(fpath):
- return os.path.isfile(fpath) and os.access(fpath, os.X_OK)
- fpath, fname = os.path.split(program)
- if fpath:
- if is_exe(program):
- return program
- else:
- for path in os.environ["PATH"].split(os.pathsep):
- exe_file = os.path.join(path, program)
- if is_exe(exe_file):
- return exe_file
- return None
- i=0
- ips_str=''
- for val in sys.argv:
- m = re.search(r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$',val)
- if m:
- i+=1
- ips_str += 'IP.'+str(i)+' = '+str(m.group(0))+'\n'
- if i==0:
- print 'Usage:\t '+sys.argv[0]+' 127.0.0.1 192.168.88.1\n'
- exit()
- if which('openssl') is None:
- print 'openssl is required'
- exit()
- subprocess.call(['openssl', 'genrsa', '-out', 'server.key', '2048'])
- subprocess.call(['openssl', 'req', '-new', '-key', 'server.key', '-out', 'server.csr'])
- subprocess.call(['openssl', 'x509', '-req', '-days 765', '-in', 'server.csr', '-signkey', 'server.key', '-out', 'server.crt'])
- subprocess.call(['openssl', 'pkcs12', '-export', '-in', 'server.crt', '-inkey', 'server.key', '-out', 'server.pfx'])
- subprocess.call(['openssl', 'req', '-text', '-noout', '-in', 'server.csr'])
- subprocess.call(['openssl', 'req','-new', '-key','server.key', '-out','server.csr'])
- with open('/etc/ssl/openssl.cnf', 'r') as content_file:
- content = content_file.read()
- content=re.sub(re.compile('\n(.*)(req_extensions.*)\n', re.MULTILINE),'\\2',content)
- content=re.sub(re.compile('(\[\s+v3_req\s+\])(.*)\n', re.MULTILINE),'\\1\\2\nsubjectAltName = @alt_names\n',content)
- content=re.sub(re.compile('\n(.*)(\[\s+v3_ca\s+\])(.*)\n', re.MULTILINE),'\n[alt_names]\n'+ips_str+'\n\\1\\2\\3',content)
- with open("openssl.cnf", "w") as text_file:
- text_file.write(content)
- subprocess.call(['openssl', 'req', '-new', '-key', 'server.key', '-out', 'server.csr', '-config', 'openssl.cnf'])
- subprocess.call(['openssl', 'x509', '-req', '-days', '765', '-in', 'server.csr', '-signkey', 'server.key', '-out', 'server.crt'])
- subprocess.call(['openssl', 'x509', '-req', '-days', '765', '-in', 'server.csr', '-signkey', 'server.key', '-out', 'server.crt', '-extensions', 'v3_req', '-extfile', 'openssl.cnf'])
Add Comment
Please, Sign In to add comment