Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
A
acme-dns-tiny
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
1
Issues
1
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Adrien Dorsaz
acme-dns-tiny
Commits
7fda2726
Commit
7fda2726
authored
Feb 28, 2017
by
Adrien Dorsaz
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
account rollover: update example and coding style
parent
77a2b69a
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
11 additions
and
11 deletions
+11
-11
tests/config_factory.py
tests/config_factory.py
+1
-1
tests/test_acme_account_rollover.py
tests/test_acme_account_rollover.py
+2
-2
tools/acme_account_rollover.py
tools/acme_account_rollover.py
+8
-8
No files found.
tests/config_factory.py
View file @
7fda2726
...
...
@@ -118,7 +118,7 @@ def generate_acme_dns_tiny_config():
"accountcsr"
:
account_csr
}
# generate
account and domain keys
# generate
two account keys to roll over them
def
generate_acme_account_rollover_config
():
# Old account key
old_account_key
=
NamedTemporaryFile
()
...
...
tests/test_acme_account_rollover.py
View file @
7fda2726
...
...
@@ -32,8 +32,8 @@ class TestACMEAccountRollover(unittest.TestCase):
def
test_success_account_rollover
(
self
):
""" Test success account key rollover """
tools
.
acme_account_rollover
.
main
([
"--current
-account-key
"
,
self
.
configs
[
'oldaccountkey'
].
name
,
"--new
-account-key
"
,
self
.
configs
[
'newaccountkey'
].
name
,
tools
.
acme_account_rollover
.
main
([
"--current"
,
self
.
configs
[
'oldaccountkey'
].
name
,
"--new"
,
self
.
configs
[
'newaccountkey'
].
name
,
"--acme-directory"
,
ACMEDirectory
])
self
.
assertLoggedInfo
(
"Account keys rolled over !"
)
...
...
tools/acme_account_rollover.py
View file @
7fda2726
...
...
@@ -65,7 +65,7 @@ def account_rollover(accountkeypath, new_accountkeypath, acme_directory, log=LOG
return
resp
.
getcode
(),
resp
.
read
(),
resp
.
getheaders
()
log
.
info
(
"Parsing current account key..."
)
cur_
jws_header
=
_jws_header
(
accountkeypath
)
jws_header
=
_jws_header
(
accountkeypath
)
log
.
info
(
"Parsing new account key..."
)
new_jws_header
=
_jws_header
(
new_accountkeypath
)
...
...
@@ -76,7 +76,7 @@ def account_rollover(accountkeypath, new_accountkeypath, acme_directory, log=LOG
jws_nonce
=
None
log
.
info
(
"Register account to get account URL."
)
code
,
result
,
headers
=
_send_signed_request
(
accountkeypath
,
cur_
jws_header
,
acme_config
[
"new-reg"
],
{
code
,
result
,
headers
=
_send_signed_request
(
accountkeypath
,
jws_header
,
acme_config
[
"new-reg"
],
{
"resource"
:
"new-reg"
})
...
...
@@ -90,7 +90,7 @@ def account_rollover(accountkeypath, new_accountkeypath, acme_directory, log=LOG
"account"
:
account_url
,
"newKey"
:
new_jws_header
[
"jwk"
]})
outer_payload
[
"resource"
]
=
"key-change"
# currently needed by boulder implementation
code
,
result
,
headers
=
_send_signed_request
(
accountkeypath
,
cur_
jws_header
,
acme_config
[
"key-change"
],
outer_payload
)
code
,
result
,
headers
=
_send_signed_request
(
accountkeypath
,
jws_header
,
acme_config
[
"key-change"
],
outer_payload
)
if
code
!=
200
:
raise
ValueError
(
"Error rolling over account key: {0} {1}"
.
format
(
code
,
result
))
...
...
@@ -107,17 +107,17 @@ PLEASE READ THROUGH IT!
It's around 150 lines, so it won't take long.
=== Example Usage ===
R
emove account.key from staging Let's Encrypt
:
python3 acme_account_
delete.py --current-account-key account.key --new-account-key
newaccount.key --acme-directory https://acme-staging.api.letsencrypt.org/directory"""
R
ollover account.keys from account.key to newaccount.key
:
python3 acme_account_
rollover.py --current account.key --new
newaccount.key --acme-directory https://acme-staging.api.letsencrypt.org/directory"""
)
parser
.
add_argument
(
"--current
-account-key
"
,
required
=
True
,
help
=
"path to the current private account key"
)
parser
.
add_argument
(
"--new
-account-key
"
,
required
=
True
,
help
=
"path to the newer private account key to register"
)
parser
.
add_argument
(
"--current"
,
required
=
True
,
help
=
"path to the current private account key"
)
parser
.
add_argument
(
"--new"
,
required
=
True
,
help
=
"path to the newer private account key to register"
)
parser
.
add_argument
(
"--acme-directory"
,
required
=
True
,
help
=
"ACME directory URL of the ACME server where to remove the key"
)
parser
.
add_argument
(
"--quiet"
,
action
=
"store_const"
,
const
=
logging
.
ERROR
,
help
=
"suppress output except for errors"
)
args
=
parser
.
parse_args
(
argv
)
LOGGER
.
setLevel
(
args
.
quiet
or
LOGGER
.
level
)
account_rollover
(
args
.
current
_account_key
,
args
.
new_account_key
,
args
.
acme_directory
)
account_rollover
(
args
.
current
,
args
.
new
,
args
.
acme_directory
)
if
__name__
==
"__main__"
:
# pragma: no cover
main
(
sys
.
argv
[
1
:])
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment