def cert_collect_pkcs12(request,token):
#when supplied with token, looks up request, checks approval status and returns appropriate HttpResponse
#in this case token is taken from browser
certs = Cert_request.objects.filter(token=token)
try:
cert_request=certs[0]
except:
return HttpResponse(status=404,content="Not found")
logger.info("retrieved cert %s",cert_request.common_name)
if (cert_request.issued==True):
logger.info("Certificate already issued %s",cert_request.common_name)
response= HttpResponse(status=410,content="Cert already issued")
elif (cert_request.approved==False):
logger.debug("Certificate pending approval %s",cert_request.common_name)
response=HttpResponse(status=403, content="Pending approval")
else:
logger.info("Generating cert %s",cert_request.common_name)
datastream=generateNewX509(cert_request)
c=OpenSSL.crypto
cert=c.load_certificate(c.FILETYPE_PEM, datastream)
key=c.load_privatekey(c.FILETYPE_PEM, datastream)
p12 = OpenSSL.crypto.PKCS12()
p12.set_privatekey(key)
p12.set_certificate(cert)
#open( "container.pfx", 'w' ).write( p12.export() )
p12dataStream=p12.export()
response = HttpResponse(p12dataStream, content_type='application/x-pkcs12',status=201)
response['Content-Disposition'] = 'attachment; filename="client_cert.p12"'
#update cert_request to avoid duplicates being created
#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!uncomment below!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#cert_request.issued=True
cert_request.save()
return response
评论列表
文章目录
