git://git.onelab.eu
/
sfa.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
27bb1bc
)
fixed issues with sub authority cert signing. Added documentation
author
Tony Mack
<tmack@paris.CS.Princeton.EDU>
Mon, 18 Oct 2010 22:19:33 +0000
(18:19 -0400)
committer
Tony Mack
<tmack@paris.CS.Princeton.EDU>
Mon, 18 Oct 2010 22:19:33 +0000
(18:19 -0400)
sfa/server/sfa-ca.py
patch
|
blob
|
history
diff --git
a/sfa/server/sfa-ca.py
b/sfa/server/sfa-ca.py
index
c76b985
..
ad2488f
100755
(executable)
--- a/
sfa/server/sfa-ca.py
+++ b/
sfa/server/sfa-ca.py
@@
-1,8
+1,20
@@
#!/usr/bin/python
#
#!/usr/bin/python
#
-# SFA Certificate Signing and management
-#
+# SFA Certificate Signing and management. Root authorities can use this script to sign
+# the certificate of another authority and become its parent.
+#
+# Example usage:
+#
+## sign a peer cert
+# sfa-ca.py --sign PEER_CERT_FILENAME -o OUTPUT_FILENAME
+#
+## import a cert and update the registry hierarchy
+# sfa-ca.py --import CERT_FILENAME
+#
+## display a cert
+# sfa-ca.py --display CERT_FILENAME
+
import os
import sys
import os
import sys
@@
-64,6
+76,8
@@
def display(options):
def sign_gid(gid, parent_key, parent_gid):
gid.set_issuer(parent_key, parent_gid.get_hrn())
gid.set_parent(parent_gid)
def sign_gid(gid, parent_key, parent_gid):
gid.set_issuer(parent_key, parent_gid.get_hrn())
gid.set_parent(parent_gid)
+ gid.set_intermediate_ca(True)
+ gid.set_pubkey(gid.get_pubkey())
gid.sign()
return gid
gid.sign()
return gid