diff options
author | Brad Warren <bmw@eff.org> | 2016-05-18 20:14:15 +0300 |
---|---|---|
committer | Brad Warren <bmw@eff.org> | 2016-05-18 20:14:15 +0300 |
commit | 8e17d7498de484857daead51b56f50b186341233 (patch) | |
tree | d57ab8809b7786b577be8beab0fb456e92b6608d | |
parent | 50421e99beefd319cc864fa90cd7ba13e9f41786 (diff) |
Add get_names_from_csruse-cn-from-csr
-rw-r--r-- | certbot/crypto_util.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/certbot/crypto_util.py b/certbot/crypto_util.py index 41e675471..b273cf59f 100644 --- a/certbot/crypto_util.py +++ b/certbot/crypto_util.py @@ -272,6 +272,27 @@ def get_sans_from_csr(csr, typ=OpenSSL.crypto.FILETYPE_PEM): csr, OpenSSL.crypto.load_certificate_request, typ) +def get_names_from_csr(csr, typ=OpenSSL.crypto.FILETYPE_PEM): + """Get a list of domains from a CSR, including the CN if it is set. + + :param str csr: CSR (encoded). + :param typ: `OpenSSL.crypto.FILETYPE_PEM` or `OpenSSL.crypto.FILETYPE_ASN1` + + :returns: A list of domain names. + :rtype: list + + """ + loaded_csr = _load_cert_or_req( + csr, OpenSSL.crypto.load_certificate_request, typ) + common_name = loaded_csr.get_subject().CN + + # Use a set to avoid duplication with CN and Subject Alt Names + domains = set() if common_name is None else set((common_name,)) + # pylint: disable=protected-access + domains.update(acme_crypto_util._pyopenssl_cert_or_req_san(loaded_csr)) + return list(domains) + + def dump_pyopenssl_chain(chain, filetype=OpenSSL.crypto.FILETYPE_PEM): """Dump certificate chain into a bundle. |