Changeset - 4d880fa14dab
0 4 0
Branko Majic (branko) - 6 years ago 2018-04-05 23:27:21
branko@majic.rs
GC-20: Added documentation for status command and fixed output when server/client certificates have been issued:

- Updated quickstart instructions.
- Added more detailed usage instructions describing what information
gets shown.
- Fixed issue with status command reporting no server/client
certificates have been issued even if this is not the case.
4 files changed with 56 insertions and 17 deletions:
docs/usage.rst
 
@@ -97,6 +97,10 @@ Renew existing certificates, keeping the same private key and naming::
 
  gimmecert renew server myserver1
 
  gimmecert renew server myclient1
 

	
 
Show information about CA hierarchy and issued certificates::
 

	
 
  gimmecert status
 

	
 

	
 
Initialisation
 
--------------
 
@@ -274,3 +278,28 @@ To also generate a new private key during renewal, use the
 

	
 
  gimmecert renew --new-private-key server myserver
 
  gimmecert renew -p server my server
 

	
 

	
 
Getting information about CA hierarchy and issued certificates
 
--------------------------------------------------------------
 

	
 
In order to show information about the CA hierarchy and issued
 
certificates simply run the status command::
 

	
 
  gimmecert status
 

	
 
The command will:
 

	
 
- Show information about every CA in generated hierarchy (subject DN,
 
  validity, certificate paths, whether the CA is used for issuing end
 
  entity certificates).
 
- Show information about all issued server certificates (subject DN,
 
  DNS subject alternative names, validity, private key path,
 
  certificate path).
 
- Show information about all issued client certificates (subject DN,
 
  validity, private key path, certificate path).
 

	
 
Validity of all certificates is shown in UTC.
 

	
 
Command can also be used for checking if Gimmecert has been
 
initialised in local directory or not.
gimmecert/cli.py
 
@@ -64,6 +64,9 @@ Examples:
 

	
 
    # Renew a TLS client certificate, preserving naming and private key.
 
    gimmecert renew client myclient
 

	
 
    # Show information about CA hierarchy and issued certificates.
 
    gimmecert status
 
"""
 

	
 

	
gimmecert/commands.py
 
@@ -382,17 +382,18 @@ def status(stdout, stderr, project_directory):
 

	
 
    certificate_files = sorted([c for c in os.listdir(os.path.join(project_directory, '.gimmecert', 'server')) if c.endswith('.cert.pem')])
 

	
 
    for certificate_file in certificate_files:
 
        certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'server', certificate_file))
 
    if certificate_files:
 
        for certificate_file in certificate_files:
 
            certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'server', certificate_file))
 

	
 
        # Separator.
 
        print("", file=stdout)
 
            # Separator.
 
            print("", file=stdout)
 

	
 
        print(gimmecert.utils.dn_to_str(certificate.subject), file=stdout)
 
        print("    Validity: %s" % gimmecert.utils.date_range_to_str(certificate.not_valid_before, certificate.not_valid_after), file=stdout)
 
        print("    DNS: %s" % ", ".join(gimmecert.utils.get_dns_names(certificate)), file=stdout)
 
        print("    Private key: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 
        print("    Certificate: .gimmecert/server/%s" % certificate_file, file=stdout)
 
            print(gimmecert.utils.dn_to_str(certificate.subject), file=stdout)
 
            print("    Validity: %s" % gimmecert.utils.date_range_to_str(certificate.not_valid_before, certificate.not_valid_after), file=stdout)
 
            print("    DNS: %s" % ", ".join(gimmecert.utils.get_dns_names(certificate)), file=stdout)
 
            print("    Private key: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 
            print("    Certificate: .gimmecert/server/%s" % certificate_file, file=stdout)
 
    else:
 
        # Separator.
 
        print("", file=stdout)
 
@@ -405,19 +406,23 @@ def status(stdout, stderr, project_directory):
 

	
 
    certificate_files = sorted([c for c in os.listdir(os.path.join(project_directory, '.gimmecert', 'client')) if c.endswith('.cert.pem')])
 

	
 
    for certificate_file in certificate_files:
 
        certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'client', certificate_file))
 
    if certificate_files:
 
        for certificate_file in certificate_files:
 
            certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'client', certificate_file))
 

	
 
        # Separator.
 
        print("", file=stdout)
 
            # Separator.
 
            print("", file=stdout)
 

	
 
        print(gimmecert.utils.dn_to_str(certificate.subject), file=stdout)
 
        print("    Validity: %s" % gimmecert.utils.date_range_to_str(certificate.not_valid_before, certificate.not_valid_after), file=stdout)
 
        print("    Private key: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 
        print("    Certificate: .gimmecert/client/%s" % certificate_file, file=stdout)
 
            print(gimmecert.utils.dn_to_str(certificate.subject), file=stdout)
 
            print("    Validity: %s" % gimmecert.utils.date_range_to_str(certificate.not_valid_before, certificate.not_valid_after), file=stdout)
 
            print("    Private key: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 
            print("    Certificate: .gimmecert/client/%s" % certificate_file, file=stdout)
 
    else:
 
        # Separator.
 
        print("", file=stdout)
 
        print("No client certificates have been issued.", file=stdout)
 

	
 
    # Separator. Helps separate terminal prompt from final line of output.
 
    print("", file=stdout)
 

	
 
    return ExitCode.SUCCESS
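Review bot: The private key path printed in the server branch (and by the matching line in the client branch) is built with `certificate_file.replace('.cert.pem', '.key.pem')`, which rewrites every occurrence of that substring rather than only the suffix matched by the `endswith('.cert.pem')` filter. The path is also printed without any check that the key file exists. An entity whose name itself contains `.cert.pem` would get a wrong key path in the report, and an operator auditing where key material lives could be pointed at a file that is not there. Consider stripping only the suffix, e.g. `key_file = certificate_file[:-len('.cert.pem')] + '.key.pem'`, and printing the key line only after `os.path.exists()` confirms the file. The two branches are now near-identical, so a small shared helper that takes the directory name would keep the server and client reports from drifting apart; `status` starts outside the hunks shown, so its earlier checks are not visible here.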
tests/test_commands.py
 
@@ -756,6 +756,7 @@ def test_status_reports_server_certificate_information(tmpdir):
 
    assert status_code == gimmecert.commands.ExitCode.SUCCESS
 
    assert stderr == ""
 
    assert "Server certificates\n-------------------\n" in stdout
 
    assert "No server certificates" not in stdout
 

	
 
    index_myserver1 = stdout_lines.index("CN=myserver1")  # Should not raise
 
    index_myserver2 = stdout_lines.index("CN=myserver2")  # Should not raise
 
@@ -805,6 +806,7 @@ def test_status_reports_client_certificate_information(tmpdir):
 
    assert status_code == gimmecert.commands.ExitCode.SUCCESS
 
    assert stderr == ""
 
    assert "Client certificates\n-------------------\n" in stdout
 
    assert "No client certificates" not in stdout
 

	
 
    index_myclient1 = stdout_lines.index("CN=myclient1")  # Should not raise
 
    index_myclient2 = stdout_lines.index("CN=myclient2")  # Should not raise