in lemur/plugins/lemur_adcs/plugin.py [0:0]
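def get_certificates(self, options, **kwargs):
    """Collect the TLS server certificates issued by the configured ADCS server.

    Request ids from ``ADCS_START`` up to, but not including, ``ADCS_STOP``
    are fetched one at a time through ``Certsrv.get_existing_cert``. Each
    certificate returned is parsed, and it is kept only if one of its
    extensions renders as text containing "TLS Web Server Authentication".

    Args:
        options: Not used by this method.
        **kwargs: Not used by this method.

    Returns:
        A list of dicts, one per matching certificate, with the keys
        ``"name"`` (the subject CN) and ``"body"`` (the PEM text with LF
        line endings).
    """
    config = current_app.config
    adcs_server = config.get("ADCS_SERVER")
    adcs_user = config.get("ADCS_USER")
    adcs_pwd = config.get("ADCS_PWD")
    adcs_auth_method = config.get("ADCS_AUTH_METHOD")
    adcs_start = config.get("ADCS_START")
    adcs_stop = config.get("ADCS_STOP")
    ca_server = Certsrv(
        adcs_server, adcs_user, adcs_pwd, auth_method=adcs_auth_method
    )
    out_certlist = []
    # cert_id rather than id, so the builtin is not shadowed.
    for cert_id in range(adcs_start, adcs_stop):
        try:
            cert = (
                ca_server.get_existing_cert(cert_id, encoding="b64")
                .decode("utf-8")
                .replace("\r\n", "\n")
            )
        except Exception as err:
            # str.find() returns -1 (truthy) when the marker is absent, so the
            # previous `if ....find(...)` test stopped the walk on almost every
            # error, including authentication or network failures, and the
            # caller received a silently truncated certificate inventory.
            # A membership test stops only on the marker itself.
            if "CERTSRV_E_PROPERTY_EMPTY" in "{0}".format(err):
                # this error indicates end of certificate list(?), so we stop
                break
            # Any other failure is logged and the id is skipped, so a single
            # bad request does not end the enumeration.
            current_app.logger.info("Error with id {0}: {1}".format(cert_id, err))
            continue

        # we have a certificate
        pubkey = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
        # Look at every extension; the previous `count - 1` upper bound never
        # examined the last one.
        for e_id in range(pubkey.get_extension_count()):
            try:
                extension = "{0}".format(pubkey.get_extension(e_id))
            except Exception:
                # An extension that cannot be rendered counts as "no match".
                # Resetting the value keeps the text of an earlier extension
                # (or an unbound name) from deciding the check below.
                extension = ""
            if "TLS Web Server Authentication" in extension:
                out_certlist.append(
                    {"name": format(pubkey.get_subject().CN), "body": cert}
                )
                break
    return out_certlist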