Commit dc538cc3 authored by Maiken's avatar Maiken
Browse files

Added softlinks also to signing_policy file.

parent 4c2553f0
......@@ -78,13 +78,6 @@ class CertificateGenerator(object):
os.chmod(keyLocation, stat.S_IRUSR)
os.chmod(certLocation, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH)
# Order of the -subject_hash and -subject_hash_old flags matters.
p_handle = popen(["openssl", "x509", "-subject_hash", "-subject_hash_old", "-noout", "-in", certLocation], self.verbose)
if p_handle["returncode"] == 0:
ca.subject_hash, ca.subject_hash_old = p_handle["stdout"].splitlines()
# Use relative location. Assume hash link does not already exist (.0).
os.symlink(name.replace(" ", "-") + ".pem", ca.subject_hash + ".0")
os.symlink(name.replace(" ", "-") + ".pem", ca.subject_hash_old + ".0")
ca.signingPolicyLocation = os.path.join(self.work_dir, name.replace(" ", "-") + ".signing_policy")
signing_policy = '''# EACL ARC Test Utility
......@@ -95,6 +88,18 @@ cond_subjects globus '"{cond_subject}/*"'
with open(ca.signingPolicyLocation, "w") as f_signing:
f_signing.write(signing_policy)
# Order of the -subject_hash and -subject_hash_old flags matters.
p_handle = popen(["openssl", "x509", "-subject_hash", "-subject_hash_old", "-noout", "-in", certLocation], self.verbose)
if p_handle["returncode"] == 0:
ca.subject_hash, ca.subject_hash_old = p_handle["stdout"].splitlines()
# Use relative location. Assume hash link does not already exist (.0).
os.symlink(name.replace(" ", "-") + ".pem", ca.subject_hash + ".0")
os.symlink(name.replace(" ", "-") + ".pem", ca.subject_hash_old + ".0")
os.symlink(name.replace(" ", "-") + ".signing_policy", ca.subject_hash + ".signing_policy")
os.symlink(name.replace(" ", "-") + ".signing_policy", ca.subject_hash_old + ".signing_policy")
return ca
def generateHostCertificate(self, hostname, prefix = "host", ca = None, validityperiod = 30, messagedigest = "sha1"):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment