##
#
+# Notes on using the openssl command line
+#
+# for verifying the chain in a gid, assuming it is split into pieces p1.pem p2.pem p3.pem
+# you can use openssl to verify the chain using this command
+# openssl verify -verbose -CAfile <(cat p2.pem p3.pem) p1.pem
+# also you can use sfax509 to invoke openssl x509 on all parts of the gid
+#
+
+
from __future__ import print_function
import functools
# the X509 subject_alt_name extension. Set_data can only be called once, due
# to limitations in the underlying library.
- def set_data(self, str, field='subjectAltName'):
+ def set_data(self, string, field='subjectAltName'):
# pyOpenSSL only allows us to add extensions, so if we try to set the
# same extension more than once, it will not work
if field in self.data:
raise Exception("Cannot set {} more than once".format(field))
- self.data[field] = str
- self.add_extension(field, 0, str)
+ self.data[field] = string
+ self.add_extension(field, 0, string)
##
# Return the data string that was previously set with set_data