github/traefik-certificate-extractor
1
0
Fork 0
mirror of https://github.com/SnowMB/traefik-certificate-extractor.git synced 2025-01-19 06:19:33 +08:00
Code Issues Projects Releases Wiki Activity

Start implementing ACME v2 support

Browse Source
This commit is contained in:
Daniel Huisman 2018-05-22 02:56:26 +02:00
parent d94604591e
commit 9701cb9219
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
extractor.py
View File

@ -21,19 +21,22 @@ class Handler(FileSystemEventHandler):
# Read JSON file # Read JSON file
data = json.loads(open(event.src_path).read()) data = json.loads(open(event.src_path).read())
certs = data['DomainsCertificate']['Certs'] is_v2 = 'acme-v02' in data['Account']['Registration']['uri']
certs = data['Certificates'] if is_v2 else data['DomainsCertificate']['Certs']
# Loop over all certificates # Loop over all certificates
for c in certs: for c in certs:
name = c['Domain']['Main'] if is_v2 else c['Certificate']['Domain']
# Decode private key, certificate and chain # Decode private key, certificate and chain
privatekey = b64decode(c['Certificate']['PrivateKey']).decode('utf-8') privatekey = b64decode(c['Key'] if is_v2 else c['Certificate']['PrivateKey']).decode('utf-8')
fullchain = b64decode(c['Certificate']['Certificate']).decode('utf-8') fullchain = b64decode(c['Certificate'] if is_v2 else c['Certificate']['Certificate']).decode('utf-8')
start = fullchain.find('-----BEGIN CERTIFICATE-----', 1) start = fullchain.find('-----BEGIN CERTIFICATE-----', 1)
cert = fullchain[0:start] cert = fullchain[0:start]
chain = fullchain[start:] chain = fullchain[start:]
# Create domain directory if it doesn't exist # Create domain directory if it doesn't exist
directory = 'certs/' + c['Certificate']['Domain'] + '/' directory = 'certs/' + name + '/'
try: try:
os.makedirs(directory) os.makedirs(directory)
except OSError as error: except OSError as error:
@ -56,11 +59,11 @@ class Handler(FileSystemEventHandler):
# Write private key, certificate and chain to flat files # Write private key, certificate and chain to flat files
directory = 'certs_flat/' directory = 'certs_flat/'
with open(directory + c['Certificate']['Domain'] + '.key', 'w') as f: with open(directory + name + '.key', 'w') as f:
f.write(privatekey) f.write(privatekey)
with open(directory + c['Certificate']['Domain'] + '.crt', 'w') as f: with open(directory + name + '.crt', 'w') as f:
f.write(fullchain) f.write(fullchain)
with open(directory + c['Certificate']['Domain'] + '.chain.pem', 'w') as f: with open(directory + name + '.chain.pem', 'w') as f:
f.write(chain) f.write(chain)
if c['Domains']['SANs']: if c['Domains']['SANs']: