Skip to content
Snippets Groups Projects
Commit a2480a21 authored by ale's avatar ale
Browse files

properly bundle the CA certificate within the PKCS12 file

parent d14b24b0
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 3 additions and 4 deletions
autovpn/vpn_app.py
+ 3
4
View file @ a2480a21
......@@ -136,15 +136,14 @@ Further info:
def to_pkcs12(crt_pem, key_pem, ca_pem):
"""Pack credentials into a PKCS12-format buffer."""
tmpdir = tempfile.mkdtemp()
bundle_pem = '\n'.join([ca_pem, crt_pem])
try:
for name, content in [
('crt.pem', crt_pem), ('key.pem', key_pem), ('ca.pem', ca_pem)]:
for name, content in [('bundle.pem', bundle_pem), ('key.pem', key_pem)]:
with open(os.path.join(tmpdir, name), 'w') as fd:
fd.write(content)
pipe = subprocess.Popen(
['openssl', 'pkcs12', '-export', '-password', 'pass:',
'-in', 'crt.pem', '-inkey', 'key.pem',
'-CAfile', 'ca.pem'],
'-in', 'bundle.pem', '-inkey', 'key.pem'],
cwd=tmpdir, stdout=subprocess.PIPE)
return pipe.communicate()[0]
finally:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment