slawek/simple-ca
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor simple-ca: Remove JSON config and streamline AIA URL handling
/ test-shell (push) Successful in 11s
Details
/ test-python (push) Successful in 25s
Details
/ test-go (push) Successful in 41s
Details

Browse Source 
- Removed the JSON configuration structure and related functions.
- Introduced plain text file for AIA base URL management.
- Updated CA and certificate creation functions to directly read/write AIA URL.
- Simplified CA bundle rebuilding logic by directly reading subdirectories.
- Enhanced test coverage for CA and certificate creation, including PFX generation.
- Adjusted test cases to reflect changes in directory structure and file handling.
This commit is contained in:
Sławek Koszewski
2026-05-24 21:40:06 +02:00
parent 04d8dab9bc
commit 935167ca8c
7 changed files with 440 additions and 316 deletions
Download Patch File Download Diff File Expand all files Collapse all files
simple-ca.py
+8 -8
View File
@@ -253,18 +253,12 @@ def make_ca(ca_dir, ca_name, days=3650, issuing_ca=None, ca_publish_base_url=Non
return True
def make_cert(cert_dir, cert_subject_name, sans=None, ca_dir=None,
def make_cert(cert_subject_name, sans=None, ca_dir=None, cert_dir=None,
issuing_ca=None, days=365, ca_publish_base_url=None):
if issuing_ca == "ca":
_err("--issuing-ca cannot be 'ca' as it is reserved for the root CA.")
return False
ca_dir = ca_dir or cert_dir
if not cert_dir or not os.path.isdir(cert_dir):
_err(f"Certificate directory {cert_dir} does not exist.")
return False
if not ca_dir or not os.path.isdir(ca_dir):
_err(f"CA directory {ca_dir} does not exist.")
return False
@@ -278,6 +272,11 @@ def make_cert(cert_dir, cert_subject_name, sans=None, ca_dir=None,
return False
signing_dir = os.path.join(ca_dir, issuing_ca) if issuing_ca else ca_dir
cert_dir = cert_dir or signing_dir
if not os.path.isdir(cert_dir):
_err(f"Certificate directory {cert_dir} does not exist.")
return False
ca_cert_path = os.path.join(signing_dir, "ca_cert.pem")
ca_key_path = os.path.join(signing_dir, "ca_key.pem")
if not os.path.isfile(ca_cert_path) or not os.path.isfile(ca_key_path):
@@ -581,9 +580,10 @@ def main(argv=None):
elif args.command == "make-cert":
days = args.days or days_cfg.get("cert", 365)
ok = make_cert(
args.cert_dir, args.subject_name,
args.subject_name,
sans=args.sans,
ca_dir=ca_dir,
cert_dir=getattr(args, "cert_dir", None),
issuing_ca=issuing_ca,
days=days,
ca_publish_base_url=ca_publish_base_url,