def create_ca(self):
""" Create a new CA """
temp_ca_key_file = '/tmp/{}'.format(self.ca_name)
temp_ca_cert_file = '{}.pub'.format(temp_ca_key_file)
ca_key_file = self.full_path(self.ca_path, self.ca_name)
ca_cert_file = '{}.pub'.format(ca_key_file)
subprocess.call(['ssh-keygen',
'-f', temp_ca_key_file,
'-q', '-P', ''])
if not os.path.exists(self.ca_path):
self.mkdir_recursive(self.ca_path)
# If CA was successfully created move it to the correct location and
# set appropriate permissions
if os.path.isfile(temp_ca_key_file) and os.path.isfile(temp_ca_cert_file):
os.rename(temp_ca_cert_file, ca_cert_file)
os.chmod(ca_cert_file, stat.S_IRUSR)
os.rename(temp_ca_key_file, ca_key_file)
os.chmod(ca_key_file, stat.S_IRUSR)
评论列表
文章目录
