github/traefik-certificate-extractor
1
0
Fork 0
mirror of https://github.com/SnowMB/traefik-certificate-extractor.git synced 2025-01-18 22:09:33 +08:00
Code Issues Projects Releases Wiki Activity

Improve the code I wrote when hungover, thanks to #7, closes #6

Browse Source
This commit is contained in:
Daniel Huisman 2018-06-06 12:56:08 +02:00
parent 9701cb9219
commit 7842e09181
1 changed files with 24 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
extractor.py
View File

@ -21,16 +21,32 @@ class Handler(FileSystemEventHandler):
# Read JSON file # Read JSON file
data = json.loads(open(event.src_path).read()) data = json.loads(open(event.src_path).read())
is_v2 = 'acme-v02' in data['Account']['Registration']['uri']
certs = data['Certificates'] if is_v2 else data['DomainsCertificate']['Certs'] # Determine ACME version
acme_version = 2 if 'acme-v02' in data['Account']['Registration']['uri'] else 1
# Find certificates
if acme_version == 1:
certs = data['DomainsCertificate']['Certs']
elif acme_version == 2:
certs = data['Certificates']
# Loop over all certificates # Loop over all certificates
for c in certs: for c in certs:
name = c['Domain']['Main'] if is_v2 else c['Certificate']['Domain'] if acme_version == 1:
name = c['Certificate']['Domain']
privatekey = c['Certificate']['PrivateKey']
fullchain = c['Certificate']['Certificate']
sans = c['Domains']['SANs']
elif acme_version == 2:
name = c['Domain']['Main']
privatekey = c['Key']
fullchain = c['Certificate']
sans = c['Domains']['SANs']
# Decode private key, certificate and chain # Decode private key, certificate and chain
privatekey = b64decode(c['Key'] if is_v2 else c['Certificate']['PrivateKey']).decode('utf-8') privatekey = b64decode(privatekey).decode('utf-8')
fullchain = b64decode(c['Certificate'] if is_v2 else c['Certificate']['Certificate']).decode('utf-8') fullchain = b64decode(fullchain).decode('utf-8')
start = fullchain.find('-----BEGIN CERTIFICATE-----', 1) start = fullchain.find('-----BEGIN CERTIFICATE-----', 1)
cert = fullchain[0:start] cert = fullchain[0:start]
chain = fullchain[start:] chain = fullchain[start:]
@ -66,8 +82,8 @@ class Handler(FileSystemEventHandler):
with open(directory + name + '.chain.pem', 'w') as f: with open(directory + name + '.chain.pem', 'w') as f:
f.write(chain) f.write(chain)
if c['Domains']['SANs']: if sans:
for name in c['Domains']['SANs']: for name in sans:
with open(directory + name + '.key', 'w') as f: with open(directory + name + '.key', 'w') as f:
f.write(privatekey) f.write(privatekey)
with open(directory + name + '.crt', 'w') as f: with open(directory + name + '.crt', 'w') as f:
@ -75,7 +91,7 @@ class Handler(FileSystemEventHandler):
with open(directory + name + '.chain.pem', 'w') as f: with open(directory + name + '.chain.pem', 'w') as f:
f.write(chain) f.write(chain)
print('Extracted certificate for: ' + c['Domains']['Main'] + (', ' + ', '.join(c['Domains']['SANs']) if c['Domains']['SANs'] else '')) print('Extracted certificate for: ' + name + (', ' + ', '.join(sans) if sans else ''))
if __name__ == "__main__": if __name__ == "__main__":
# Determine path to watch # Determine path to watch