flexebel email address in certs

This commit is contained in:
TuxCoder 2020-05-10 19:37:57 +02:00
parent 5c576351c6
commit 004c3b96f2
3 changed files with 7 additions and 4 deletions

View file

@ -21,11 +21,14 @@ SERVER_NAME = f'account.{ DOMAIN }:9090'
LENTICULAR_CLOUD_SERVICES = {
'jabber': {
'client_cert': True,
'client_cert_option':{
'pki_config':{
'email': '{username}@jabber.{domain}'
}
},
'calendar': {
'client_cert': True
},
'mail': {
'client_cert': True
}
}

View file

@ -113,7 +113,7 @@ class Service(object):
if 'client_cert' in config:
service._client_cert = bool(config['client_cert'])
if 'pki_config' in config:
service._pki_config = config['pki_config']
service._pki_config.update(config['pki_config'])
return service

View file

@ -86,8 +86,8 @@ class Pki(object):
ca_public_key = ca_private_key.public_key()
end_entity_cert_builder = x509.CertificateBuilder().\
subject_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, username),
x509.NameAttribute(NameOID.EMAIL_ADDRESS, f'{username}@jabber.{domain}'),
x509.NameAttribute(NameOID.COMMON_NAME, config['cn'].format(username=username, domain=domain)),
x509.NameAttribute(NameOID.EMAIL_ADDRESS, config['email'].format(username=username, domain=domain)),
])).\
issuer_name(ca_cert.subject).\
not_valid_before(not_valid_before).\