Get the new certificate. Returns the signed bytes.
()
| 336 | |
| 337 | |
| 338 | def sign_certificate(): |
| 339 | """ |
| 340 | Get the new certificate. |
| 341 | Returns the signed bytes. |
| 342 | |
| 343 | """ |
| 344 | LOGGER.info("Signing certificate...") |
| 345 | cmd = [ |
| 346 | "openssl", |
| 347 | "req", |
| 348 | "-in", |
| 349 | os.path.join(gettempdir(), "domain.csr"), |
| 350 | "-outform", |
| 351 | "DER", |
| 352 | ] |
| 353 | with open(os.devnull, "wb") as devnull: |
| 354 | csr_der = subprocess.check_output(cmd, stderr=devnull) |
| 355 | code, result = _send_signed_request( |
| 356 | DEFAULT_CA + "/acme/new-cert", |
| 357 | { |
| 358 | "resource": "new-cert", |
| 359 | "csr": _b64(csr_der), |
| 360 | }, |
| 361 | ) |
| 362 | if code != 201: |
| 363 | raise ValueError("Error signing certificate: {0} {1}".format(code, result)) |
| 364 | LOGGER.info("Certificate signed!") |
| 365 | |
| 366 | return result |
| 367 | |
| 368 | |
| 369 | def encode_certificate(result): |