Commit da6e0282 authored by Ales Mrazek's avatar Ales Mrazek

client certificate generator now generates certificates with commonName same as emailAddress

parent 3cb274ed
......@@ -2,13 +2,6 @@
Jetconf
*******
:Authors:
Ladislav Lhotka <lhotka@nic.cz>,
Aleš Mrázek <ales.mrazek@nic.cz>,
Pavel Špírek <pavel.spirek@nic.cz>
:Version: 0.3.4
:Date: 15.08.2019
Jetconf is an implementation of the RESTCONF_ protocol written in
Python 3.
......@@ -27,8 +20,8 @@ Requirements
Jetconf requires **Python 3.6 or newer**::
sudo apt-get install python3
sudo apt-get install python3-pip
~$ apt-get install python3
~$ apt-get install python3-pip
These requirements should be installed by running *Instalation*
......@@ -47,7 +40,7 @@ Installation
Jetconf can be installed by PyPI::
$ python3 -m pip install jetconf
~$ python3 -m pip install jetconf
Running
......@@ -55,21 +48,19 @@ Running
Running Jetconf::
$ jetconf -c <path_to_config_file.yaml>
~$ jetconf -c <path_to_config_file.yaml>
For development purposes, Jetconf can also be started directly
from Git repository with run.py script.::
from git repository with ``run.py`` script.::
$ ./run.py -c <path_to_config_file.yaml>
~$ ./run.py -c <path_to_config_file.yaml>
Example configuration (template)
================================
In the data folder, there is an example template for
configuring paths, certificates etc.::
example-config.yaml
In the ``data`` folder, there is an example template ``example-config.yaml`` for
configuring paths, certificates etc.
In this configuration file, you have to modify all paths to match
......@@ -78,10 +69,10 @@ your actual file locations.
Links
=====
* `Git repository`_
* `GitHub repository`_
* `Documentation`_
.. _RESTCONF: https://tools.ietf.org/html/draft-ietf-netconf-restconf-18
.. _NACM: https://datatracker.ietf.org/doc/rfc6536/
.. _Git repository: https://github.com/CZ-NIC/jetconf
.. _GitHub repository: https://github.com/CZ-NIC/jetconf
.. _Documentation: https://gitlab.labs.nic.cz/labs/jetconf/wikis/home
-----BEGIN CERTIFICATE-----
MIIDpTCCAo2gAwIBAgIUM1dLD/ul/7RZVgNFzvXiAKrWSgowDQYJKoZIhvcNAQEL
BQAwYjELMAkGA1UEBhMCQ1oxEzARBgNVBAgMClNvbWUtU3RhdGUxEzARBgNVBAoM
CkV4YW1wbGUgQ0ExETAPBgNVBAsMCGV4YWNhLmN6MRYwFAYDVQQDDA1tYWlsQGV4
YWNhLmN6MB4XDTE4MTIxMDExMzcyOVoXDTI4MTIwNzExMzcyOVowYjELMAkGA1UE
BhMCQ1oxEzARBgNVBAgMClNvbWUtU3RhdGUxEzARBgNVBAoMCkV4YW1wbGUgQ0Ex
ETAPBgNVBAsMCGV4YWNhLmN6MRYwFAYDVQQDDA1tYWlsQGV4YWNhLmN6MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+3Iz/BckIESoiWq1dZEdzx2X2ay
tf/XcBTzOnQ/ts0TVtZzI1TcrvuSMb8+3JGP1QgGahyarX4s8Tn6ECrnOM1dyzUi
1E3zx4+gq9JEH+7Xf9e8aGiKj/u1suomn+LJqQMOnbqqCBkR9ijHFrRBaO7so1Kv
poB9BxkJamvO7V+yqL9oxTDkkc0A5pkdxfCgIZzxkNe9/psQABBmJn/NcbtUFUDn
7yo3qyl8vyarGMqRFyxkZhSmL3pYhFQeVyf+JXyVskG+9VOrsK4QFduKFQO9kAqi
Vvw8yIk21r8CxH1S3mBtpr7p3wnhrxUd0pcxOmTcMVhHhriRHudNjt8+uQIDAQAB
o1MwUTAdBgNVHQ4EFgQUSp/mGd1v/ee9IMT2FK0GOpbUTyMwHwYDVR0jBBgwFoAU
Sp/mGd1v/ee9IMT2FK0GOpbUTyMwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAQEASsj/mVooYxBBllJ5ZFCc9tQHLJEcJjCefVuqaS2uLirFm6deW0G+
D7wYOK0+OFKoEWpUeQ9qjWn/S2tqeUTVzeA6Qt0rkgVcIbJEpEnG+U+7gGeDwjWN
fouRm5nkuq5kwgEQhSYi/+Zai4smFhRhK5w9+5ks1m366wFc9bIZJBmn7L8jgS+j
iO5yHW501dUAhdRYuqdc2uu4QME+ylaXMPVb6e1zakDy7Zu0UGyUKxe2O2dNX5f2
eVQExJLL4HaxYqETRdG5YNZfmygcMpA2Be6d5W4ELO6P51W/zubpzgbl0iLX0BRt
6HGuj/P2lwjvm3MXA+68zr2k+vZkZBvflg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDGDCCAgACFFOGoQDT32VtJ6d2qBHVKOVe1Z+wMA0GCSqGSIb3DQEBCwUAMGIx
CzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRMwEQYDVQQKDApFeGFt
cGxlIENBMREwDwYDVQQLDAhleGFjYS5jejEWMBQGA1UEAwwNbWFpbEBleGFjYS5j
ejAeFw0xODEyMTAxMTM5NTlaFw0yODEyMDcxMTM5NTlaMC8xDTALBgNVBAMMBFRl
c3QxHjAcBgkqhkiG9w0BCQEWD2V4YW1wbGVAbWFpbC5jejCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMA1oAEwbEajmpBykmEf9vU9kubXvlRumr4gBCWB
HxpTPZgPDX0JzRch6/mtaVXnw1XAeyUnWzyMEGqfF7+vruZi6mVEd6hfQgRVhBVJ
6Y69PrCP/YntwxMWABRrD2Qct7IUqZYuJugcmhPL06k+UDNdD/OpDTY5Aq/sHJAR
SFjJhueGH13DhR23+iC15h1LOP2a17d66SXplFOgH42ewPdPyqx6tGvN7qs76STh
25Vd8chKfYraIB4MOG99qF7T2L100MMTtBwM/rxGxJFtrEUc5Vntsl2s25V4H8L2
Wb8vXfrez5V6w0rqhJez2nDW4KLlflPRVZ094vOZ/UuebCUCAwEAATANBgkqhkiG
9w0BAQsFAAOCAQEAp6ej+KI0ewmCp54ih3dU1qWmRBDgubr1C7G8LbLm3oU5lZ+C
4BP43kkzlOwjTthwdPOaDO5dN0VxgnhueOex1NX4Pyj1jZsR5DKPDVDTauwhYD+5
OIVhX7eQadU9PE2ZpfefOEU/oyb9+TcuuRQrTXNAHcyml8PHX18lc+9bjdktvHm5
s9JDE9Xc6AsR1Mss6uPMncfZvri6rlZizaF3s3+jdoIRnyGDY9bMzrVzMwY2PYOp
4686PCGC2zQkcn3NcQMj/agr7zI5VMc1IcV8lcOAJoINHuXtQYm8vs8tFH8o6ce6
XYVx8aKna5+6t5zBk0LU6+yQjBgqceQw0LdBVg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDGDCCAgACFFOGoQDT32VtJ6d2qBHVKOVe1Z+wMA0GCSqGSIb3DQEBCwUAMGIx
CzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRMwEQYDVQQKDApFeGFt
cGxlIENBMREwDwYDVQQLDAhleGFjYS5jejEWMBQGA1UEAwwNbWFpbEBleGFjYS5j
ejAeFw0xODEyMTAxMTM5NTlaFw0yODEyMDcxMTM5NTlaMC8xDTALBgNVBAMMBFRl
c3QxHjAcBgkqhkiG9w0BCQEWD2V4YW1wbGVAbWFpbC5jejCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMA1oAEwbEajmpBykmEf9vU9kubXvlRumr4gBCWB
HxpTPZgPDX0JzRch6/mtaVXnw1XAeyUnWzyMEGqfF7+vruZi6mVEd6hfQgRVhBVJ
6Y69PrCP/YntwxMWABRrD2Qct7IUqZYuJugcmhPL06k+UDNdD/OpDTY5Aq/sHJAR
SFjJhueGH13DhR23+iC15h1LOP2a17d66SXplFOgH42ewPdPyqx6tGvN7qs76STh
25Vd8chKfYraIB4MOG99qF7T2L100MMTtBwM/rxGxJFtrEUc5Vntsl2s25V4H8L2
Wb8vXfrez5V6w0rqhJez2nDW4KLlflPRVZ094vOZ/UuebCUCAwEAATANBgkqhkiG
9w0BAQsFAAOCAQEAp6ej+KI0ewmCp54ih3dU1qWmRBDgubr1C7G8LbLm3oU5lZ+C
4BP43kkzlOwjTthwdPOaDO5dN0VxgnhueOex1NX4Pyj1jZsR5DKPDVDTauwhYD+5
OIVhX7eQadU9PE2ZpfefOEU/oyb9+TcuuRQrTXNAHcyml8PHX18lc+9bjdktvHm5
s9JDE9Xc6AsR1Mss6uPMncfZvri6rlZizaF3s3+jdoIRnyGDY9bMzrVzMwY2PYOp
4686PCGC2zQkcn3NcQMj/agr7zI5VMc1IcV8lcOAJoINHuXtQYm8vs8tFH8o6ce6
XYVx8aKna5+6t5zBk0LU6+yQjBgqceQw0LdBVg==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwDWgATBsRqOakHKSYR/29T2S5te+VG6aviAEJYEfGlM9mA8N
fQnNFyHr+a1pVefDVcB7JSdbPIwQap8Xv6+u5mLqZUR3qF9CBFWEFUnpjr0+sI/9
ie3DExYAFGsPZBy3shSpli4m6ByaE8vTqT5QM10P86kNNjkCr+wckBFIWMmG54Yf
XcOFHbf6ILXmHUs4/ZrXt3rpJemUU6AfjZ7A90/KrHq0a83uqzvpJOHblV3xyEp9
itogHgw4b32oXtPYvXTQwxO0HAz+vEbEkW2sRRzlWe2yXazblXgfwvZZvy9d+t7P
lXrDSuqEl7PacNbgouV+U9FVnT3i85n9S55sJQIDAQABAoIBAQCm62sC3VyKk/Xc
z8LTWgELxOdYVa/SfyMfTYqMT3AFWpi4/wmFtwdGuYzGjZRWqCj4xWmsQFt5X2G6
VmM3coh/RxOr0iPgMqmQPfuwyTltXmecyc8zAypP3uE+2iLJnC7jFhKYe4gKNxyP
aIluBtF7aaw6vGre1e/Be1jqvDeJ8iVtqH7sGLJjAUY2rLrxa7MZGbdSKuwYwyTR
dtbOM2aQhRczMwXnuBMd8Mn1B9RicFvtYdawfuKpnmid9J/b1Nw2tdlvtAYYiFVL
+WOcB5Y1wZxROzdGKHGQ1tiP02MJ+0yvdTgOKHl+kxDFJNdaIq0pKiK21WyzRWNV
FT4YIQRBAoGBAPqt/tlNyaH447hZUXs1w/2qaWoF0FAKsROabTvqqhwtAt3mH/7w
hpqHndGRm4W3Jcb+/IwUm28bP1/LiPxVrah9tAMqOJi9PRwtfzNYC2kt+qHi/0+X
WQtUZ3DzXR5z3PW4kPpMVrlE0ekTBhFuVEHGP59dl745O6P7lUFSc64tAoGBAMRJ
8k5KhiRnA7JPeI+5dzdqxunifJvzU6VOu3mGEYbJ8TPgzTkwZ57jFuZ1MWd/wfwS
NZc0But7nK4yD3jWWGnA6veC+JHfX1PTSkyotpuWVqf0lv8C9j89zDnL617XIvx3
FYwULcPy8zbFU3jJrqQrl1xjm2hELjBZIMdR8+jZAoGAcJHuHbtWzousBz7k3kV4
q9L434mY0Djc6AazAvMQTPLRlMAgoiV07LP15QRUKKnkJwaednFSk4RS4zvNWjNH
dqBsU/eDzuM8LAkqU+43wZXKNSRwrlcyv2m5wfknWeOB2D53rE7Xqv8CnH3UfcNj
xt21+GTZHa0p4Su7DMhv9kkCgYBn2sQkXlPZINQY3OlqCfQk0w8JonbRwI2qMh0J
MEFHssM28qNCtfStYXO1XZ5VJ4iIiU3ngXSD1XRRylTbV3WSBquLZ7WC4M+8N1fh
dYagjYut88CMjpGhZl4O2nDfTi7Jq2wwIGESgxHiEceXagZIAHRmQqFwKlrR4+Zu
71KBCQKBgBf6fLXyHSnNaHbp7rnHiwks7I5VplSkVMNjy1FVW4dKdXWdDqH0T7M3
8R5+LXeN7FrYwDeB28T87WrelG1jz9mzhpn+cInVWN9yoaajr3D3AHKCr1i9fJwp
FyOZfmMjivpeaHud1QVsaKe6SthmyvOmIKY4GXTjXv+05TzCSQZl
-----END RSA PRIVATE KEY-----
......@@ -7,7 +7,6 @@ GLOBAL:
LOG_DBG_MODULES: ["usr_conf_data_handlers", "nacm", "data"]
YANG_LIB_DIR: "yang-modules"
DATA_JSON_FILE: "data.json"
CLIENT_CN: true
BACKEND_PACKAGE: "jetconf_jukebox"
HTTP_SERVER:
......
example
\ No newline at end of file
-----BEGIN CERTIFICATE-----
MIIDUDCCAjigAwIBAgIUU4ahANPfZW0np3aoEdUo5V7Vn68wDQYJKoZIhvcNAQEL
BQAwYjELMAkGA1UEBhMCQ1oxEzARBgNVBAgMClNvbWUtU3RhdGUxEzARBgNVBAoM
CkV4YW1wbGUgQ0ExETAPBgNVBAsMCGV4YWNhLmN6MRYwFAYDVQQDDA1tYWlsQGV4
YWNhLmN6MB4XDTE4MTIxMDExMzg0OVoXDTI4MTIwNzExMzg0OVowFDESMBAGA1UE
AwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytP5
jYFCv2r5FAzCAb2QU0QVP7UWJTUGeorHgME8UVj3gzqFpuQCWt5ueahNxMtvfaqn
J5ig9JWaXYd92A83TsMc/Bv0uaDp4sa6is+zC/n3HtUuXscc7ugteCop4O25HuB4
d7+tHc0RGS87oCvOQkrKx5DHY6sZ4PKbn3C/qQO0gxfQ87GctL0NwXTJlPve+rBM
KZDhxto/963rb5mbQx6kdC3voW/Xl0QJrV8RR0ky/kQ/mxuBmWob0HPLD9f/DVdX
iIJvJDH7N6JOhot8pngAoCPnWPlmGzxanmT5oiRNRhVBBbtEgxu3eqwwL5ZLmmTB
Rs86ur9ThykXm4ZWlwIDAQABo0wwSjAfBgNVHSMEGDAWgBRKn+YZ3W/9570gxPYU
rQY6ltRPIzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIE8DAPBgNVHREECDAGhwR/AAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB42T0Z4tVIQESQtDxjIEvz2D5EgNEs6FLvRcYB
eIu/LlEDSCqC3iiWmMAiXgnXl4AsRKrdM2QBGBzh6HUoGsXEo4nhIsf5f3CEvfKg
MEIDEriYD3O7llib/hXkDrukLB+N3ULjdb6h9AC0LNr5RKEU5nEmqvI/zQwJU/8N
veh0EnTvXWdrKLjG9gzyamPomwVe+HVGkW+ZzmqawWo+1b8O6Nz8wScVputtCbsb
woxZp8l8mjcm/yYrWQLQ61PySZVJ11o0GaTnSGFfWvVE6LGim+ArP//Kh/pwcjad
rTc3BkDfR4Ukg/CvG2hAz8X5xh/1KroCYOg2u5sVewJuddrc
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAytP5jYFCv2r5FAzCAb2QU0QVP7UWJTUGeorHgME8UVj3gzqF
puQCWt5ueahNxMtvfaqnJ5ig9JWaXYd92A83TsMc/Bv0uaDp4sa6is+zC/n3HtUu
Xscc7ugteCop4O25HuB4d7+tHc0RGS87oCvOQkrKx5DHY6sZ4PKbn3C/qQO0gxfQ
87GctL0NwXTJlPve+rBMKZDhxto/963rb5mbQx6kdC3voW/Xl0QJrV8RR0ky/kQ/
mxuBmWob0HPLD9f/DVdXiIJvJDH7N6JOhot8pngAoCPnWPlmGzxanmT5oiRNRhVB
BbtEgxu3eqwwL5ZLmmTBRs86ur9ThykXm4ZWlwIDAQABAoIBAG24FXsSvYTG3U6X
SCug2/3vCn+X+g7OjF6lzB4+ad6nfd0jP0F0fkGhqalt/gPC+ODF+/5Tdl5Yv1Rx
AwZp1MVqjrdieBQik+L1FdwZVwXXhnLLZ3Ylx+UE+/PQ+y6N6mJlk0VUDtXcJK+2
+U4/5CfARcmG7BVibXFeTAkH+OX4AFz8sXZfFM0RrlFNibQ4286tSxeGSYji0Clr
X5uWhNdlCO8pO8S4+/jkiHwHdaFp4W2YNwffjApbyWgzJ52DUjbSvk+HIj0f/pJr
Hl22x5tFdHjXm3CV9/G6QIEdfjqw29YA3K5lqBicPB3W3p+t5ae7LdOTJfyrUR43
zxZg84ECgYEA7hWkRl5umAY0UFUEcexzcduWEBEbH0A4X880/IC/m1o4zjD+5aJE
7gy2xnBE0bjBOcYzX+xxG3+I6DszhziIsd1I3lbpXyems9oMMY4DEeTwhH7cUssb
2MfPUbHTBBv7zaNmxei4rqkDKZuKao+rIWrX0j5ypyiZODoDQXwpeEcCgYEA2hcq
tO8WZfZhQoAF+CeaxHhu4Z/jQH7cJ/3BkcoJryow9lKI0ZJp2IPRcrhZ+8nODgT1
QYqDUblZpmXC8CivHLRljQVO4BDcw1kCrtRj/A6kZlW0J1eGM9+6qMX+0/z+e5mT
+YtjanOc1pY8V47JXFiAj2Cf3XyXhY4SlxTgpzECgYEAjiF1VF0DgNYTXPGkGa6i
rJH+X9EWc+2OugOlCiiCOmf+CXnOcaARrlsAsi5Lpze4gpkECnvIejYEsT7GYC8r
y6Li4XjZEOlG54+AQAUbaA9YVoC1XufJ0/xUk9yosIdUJ0spC3UG654SOUCVvU/P
Rb/W37hQEeJ2tc5MK0fIKfkCgYEAjlIv/INKCqAOOGdzfc3aofw13+eHVb9zzGU8
vPcr+rN94EFcJ+d0S2c6d7L2hencHin+IxdROzPJ3VzrKe5i2EihPLYKEw7uAk1E
AvN3jDXB80ZampHzcka+eQU8lvqy19YRSvg7mGx6HU9NcZYssabPvsE/kjqMZwuf
9hgZwwECgYARhSmOij7ftetPgAXWl94B/L1ynVjEwendUnvTYHeLQ4CHgJRweBGP
GNjdGiOB+Gfrqeugznq2FvdaIAaomwEfzLEv8wBkwV2YGvN0Mn1JPKPnI7SRNBwI
qBQq1IaFWqFtX0u3Fp304jPKbDJeZ/OxSw5XmjwPVZaAs98sgMFaMA==
-----END RSA PRIVATE KEY-----
......@@ -7,24 +7,24 @@ with codecs.open(os.path.join(here, 'README.rst'), encoding='utf-8') as readme:
long_description = readme.read()
setup(
name = "jetconf",
packages = find_packages(),
use_scm_version = True,
name="jetconf",
packages=find_packages(),
use_scm_version=True,
setup_requires=["setuptools_scm"],
description = "Pure Python implementation of RESTCONF server",
long_description = long_description,
url = "https://gitlab.labs.nic.cz/labs/jetconf",
author = "Pavel Spirek",
author_email = "pavel.spirek@nic.cz",
entry_points = {
description="Pure Python implementation of RESTCONF server",
long_description=long_description,
url="https://gitlab.labs.nic.cz/labs/jetconf",
author="Ales Mrazek",
author_email="ales.mrazek@nic.cz",
entry_points={
"console_scripts": ["jetconf=jetconf.__main__:main"]
},
install_requires = ["yangson", "h2", "colorlog", "pyaml", "pytz"],
tests_require = ["pytest"],
keywords = ["RESTCONF", "yang", "data model", "configuration", "json"],
classifiers = [
install_requires=["yangson", "h2", "colorlog", "pyaml", "pytz"],
tests_require=["pytest"],
keywords=["RESTCONF", "yang", "data model", "configuration", "json"],
classifiers=[
"Programming Language :: Python",
"Programming Language :: Python :: 3.5",
"Programming Language :: Python :: 3.6",
"Development Status :: 3 - Alpha",
"Intended Audience :: System Administrators",
"Intended Audience :: Telecommunications Industry",
......
......@@ -11,7 +11,7 @@ browsers and operating systems, they are only suitable for testing.
To generate a client certificate, just run the provided script as follows:
./gen_client_cert.sh <username>
The issued certificate will have the "emailAddress" DN in the form of
The issued certificate will have the "emailAddress" DN and "commonName" in the form of
username@mail.cz. This will be used as the username by Jetconf server.
The following files will be generated:
......
......@@ -8,7 +8,7 @@ echo -e "\n1. Generating private key:"
openssl genrsa -out $1.key 2048
echo -e "\n2. Generating CSR:"
openssl req -new -key $1.key -out $1.req -subj "/CN=Test/emailAddress=$1"
openssl req -new -key $1.key -out $1.req -subj "/CN=$1/emailAddress=$1"
echo -e "\n3. Signing CSR with test CA's key:"
openssl x509 -req -in $1.req -CAcreateserial -CA ca.pem -CAkey ca.key -days 3650 -out $1.pem
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment