The first case about ca_csr has been copy/pasted.
But in the following cases, the CSR must be the certificate csr.
(cherry picked from commit 32dab841d7)
Co-authored-by: Bruno Vernay <brunovern.a@gmail.com>
* Extension parsing: add new fallback code which uses the new cryptography API (#331)
* Add new code as fallback which re-serializes de-serialized extensions using the new cryptography API.
* Forgot Base64 encoding.
* Add extension by OID tests.
* There's one value which is different with the new code.
* Differences in CI.
* Working around older Jinjas.
* Value depends on which SAN was included.
* Force complete CI run now since cryptography 36.0.0 is out.
ci_complete
(cherry picked from commit 3f40795a98)
* Adjust tests.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Use new PKCS#12 deserialization code from cryptography 36.0.0 if available.
* Refactor into smaller functions.
* Force complete CI run now since cryptography 36.0.0 is out.
ci_complete
(cherry picked from commit 73bc0f5de7)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Improve Python 2 Unicode handling. (#313)
(cherry picked from commit eb8dabce84)
* Remove test since it doesn't work with pyOpenSSL.
* Completely remove test.
* Update plugins/module_utils/crypto/cryptography_support.py
* Document that *notBefore/*notAfter are not used for idempotency.
* Change formulation.
(cherry picked from commit ed03841fd1)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add some workarounds for cryptography 35.0.0.
* Make fix work with very old cryptography versions as well (which supported multiple backends).
* [TEMP] Disable openssl_pkcs12 tests to see whether everything else works.
* Revert "[TEMP] Disable openssl_pkcs12 tests to see whether everything else works."
This reverts commit 3f905bc795.
* Add changelog fragment.
* Remove unnecessary assignment.
* Simplify code change.
* [TEMP] Disable openssl_pkcs12 tests to see whether everything else works.
* Revert "[TEMP] Disable openssl_pkcs12 tests to see whether everything else works."
This reverts commit fdb210528e.
(cherry picked from commit a2a7d94055)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Run all tests on all targets. Remove hack in setup_acme.
* Fix some failing tests.
* OpenSSH tests do not work yet with default image on Ansible 2.9. Let's skip them on the cloud target.
* Make tests pass again.
* Make sure to install *latest* versions of cryptography and pyOpenSSL when not installing system packages, whenever possible.
ci_complete
* Update/fix aliases files.
* Install PyOpenSSL and cryptography from PyPi if target Python != system Python.
* Work around some CentOS6, 7, Ubuntu 16.04 problems. Improve jinja2 compatibility handling.
* Skip tasks that require properties that aren't always there.
* Only install OpenSSL when not present.
* Improve output.
* Improve get_certificate integration test graceful failing.
* Fix tests.
* Fix assert.
* OpenSSL peculiarities.
* Fix condition.
Felix Fontein
patchback[bot]
Ajpantuso