flexebel email address in certs

This commit is contained in:
TuxCoder 2020-05-10 19:37:57 +02:00
parent 5c576351c6
commit 004c3b96f2
3 changed files with 7 additions and 4 deletions

View file

@ -21,11 +21,14 @@ SERVER_NAME = f'account.{ DOMAIN }:9090'
LENTICULAR_CLOUD_SERVICES = { LENTICULAR_CLOUD_SERVICES = {
'jabber': { 'jabber': {
'client_cert': True, 'client_cert': True,
'client_cert_option':{ 'pki_config':{
'email': '{username}@jabber.{domain}' 'email': '{username}@jabber.{domain}'
} }
}, },
'calendar': { 'calendar': {
'client_cert': True 'client_cert': True
},
'mail': {
'client_cert': True
} }
} }

View file

@ -113,7 +113,7 @@ class Service(object):
if 'client_cert' in config: if 'client_cert' in config:
service._client_cert = bool(config['client_cert']) service._client_cert = bool(config['client_cert'])
if 'pki_config' in config: if 'pki_config' in config:
service._pki_config = config['pki_config'] service._pki_config.update(config['pki_config'])
return service return service

View file

@ -86,8 +86,8 @@ class Pki(object):
ca_public_key = ca_private_key.public_key() ca_public_key = ca_private_key.public_key()
end_entity_cert_builder = x509.CertificateBuilder().\ end_entity_cert_builder = x509.CertificateBuilder().\
subject_name(x509.Name([ subject_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, username), x509.NameAttribute(NameOID.COMMON_NAME, config['cn'].format(username=username, domain=domain)),
x509.NameAttribute(NameOID.EMAIL_ADDRESS, f'{username}@jabber.{domain}'), x509.NameAttribute(NameOID.EMAIL_ADDRESS, config['email'].format(username=username, domain=domain)),
])).\ ])).\
issuer_name(ca_cert.subject).\ issuer_name(ca_cert.subject).\
not_valid_before(not_valid_before).\ not_valid_before(not_valid_before).\