ipaserver.plugins.rabase.rabase

class ipaserver.plugins.rabase.rabase(api)[source]

Bases: ipalib.backend.Backend

Request Authority backend plugin.

Public Data Attributes:

Inherited from Plugin

version

name

full_name

bases

doc

summary

api

Return API instance passed to __init__().

env

Backend

Command

Public Methods:

__init__(api)

check_request_status(request_id)

Check status of a certificate signing request.

get_certificate(serial_number)

Retrieve an existing certificate.

request_certificate(csr, profile_id, ca_id)

Submit certificate signing request.

revoke_certificate(serial_number[, ...])

Revoke a certificate.

take_certificate_off_hold(serial_number)

Take revoked certificate off hold.

find(options)

Search for certificates

updateCRL([wait])

Force update of the CRL

Inherited from Plugin

__init__(api)

finalize()

Finalize plugin initialization.

ensure_finalized()

Finalize plugin initialization if it has not yet been finalized.

__repr__()

Return 'module_name.class_name()' representation.

Inherited from ReadOnly

__lock__()

Put this instance into a read-only state.

__islocked__()

Return True if instance is locked, otherwise False.

__setattr__(name, value)

If unlocked, set attribute named name to value.

__delattr__(name)

If unlocked, delete attribute named name.

Private Data Attributes:

Inherited from ReadOnly

_ReadOnly__locked

Private Methods:

Inherited from Plugin

_Plugin__name_getter()

_Plugin__full_name_getter()

_Plugin__bases_getter()

_Plugin__doc_getter()

_Plugin__summary_getter()

_on_finalize()

Do custom finalization.


property Backend
property Command
__annotations__ = {}
__delattr__(name)

If unlocked, delete attribute named name.

If this instance is locked, an AttributeError will be raised.

Parameters

name – Name of attribute to delete.

__dict__ = mappingproxy({'__module__': 'ipaserver.plugins.rabase', '__doc__': '\n    Request Authority backend plugin.\n    ', '__init__': <function rabase.__init__>, 'check_request_status': <function rabase.check_request_status>, 'get_certificate': <function rabase.get_certificate>, 'request_certificate': <function rabase.request_certificate>, 'revoke_certificate': <function rabase.revoke_certificate>, 'take_certificate_off_hold': <function rabase.take_certificate_off_hold>, 'find': <function rabase.find>, 'updateCRL': <function rabase.updateCRL>, '__annotations__': {}})
__init__(api)[source]
__islocked__()

Return True if instance is locked, otherwise False.

__lock__()

Put this instance into a read-only state.

After the instance has been locked, attempting to set or delete an attribute will raise an AttributeError.

__module__ = 'ipaserver.plugins.rabase'
__repr__()

Return ‘module_name.class_name()’ representation.

This representation could be used to instantiate this Plugin instance given the appropriate environment.

__setattr__(name, value)

If unlocked, set attribute named name to value.

If this instance is locked, an AttributeError will be raised.

Parameters
  • name – Name of attribute to set.

  • value – Value to assign to attribute.

__weakref__

list of weak references to the object (if defined)

_on_finalize()

Do custom finalization.

This method is called from finalize(). Subclasses can override this method in order to add custom finalization.

property api

Return API instance passed to __init__().

bases = (<class 'ipalib.backend.Backend'>,)
check_request_status(request_id)[source]

Check status of a certificate signing request.

Parameters

request_id – request ID

doc = '\n    Request Authority backend plugin.\n    '
ensure_finalized()

Finalize plugin initialization if it has not yet been finalized.

property env
finalize()

Finalize plugin initialization.

This method calls _on_finalize() and locks the plugin object.

Subclasses should not override this method. Custom finalization is done in _on_finalize().

class finalize_attr(name, value=None)

Bases: object

Create a stub object for plugin attribute that isn’t set until the finalization of the plugin initialization.

When the stub object is accessed, it calls ensure_finalized() to make sure the plugin initialization is finalized. The stub object is expected to be replaced with the actual attribute value during the finalization (preferably in _on_finalize()), otherwise an AttributeError is raised.

This is used to implement on-demand finalization of plugin initialization.

__annotations__ = {}
__get__(obj, cls)
__init__(name, value=None)
__module__ = 'ipalib.plugable'
__slots__ = ('name', 'value')
name
value
find(options)[source]

Search for certificates

Parameters

options – dictionary of search options

full_name = 'rabase/1'
get_certificate(serial_number)[source]

Retrieve an existing certificate.

Parameters

serial_number – certificate serial number

name = 'rabase'
request_certificate(csr, profile_id, ca_id, request_type='pkcs10')[source]

Submit certificate signing request.

Parameters
  • csr – The certificate signing request.

  • profile_id – Profile to use for this request.

  • ca_id – The Authority ID to send request to. None is allowed.

  • request_type – The request type (defaults to 'pkcs10').

revoke_certificate(serial_number, revocation_reason=0)[source]

Revoke a certificate.

The integer revocation_reason code must have one of these values:

  • 0 - unspecified

  • 1 - keyCompromise

  • 2 - cACompromise

  • 3 - affiliationChanged

  • 4 - superseded

  • 5 - cessationOfOperation

  • 6 - certificateHold

  • 8 - removeFromCRL

  • 9 - privilegeWithdrawn

  • 10 - aACompromise

Note that reason code 7 is not used. See RFC 5280 for more details:

Parameters
  • serial_number – Certificate serial number.

  • revocation_reason – Integer code of revocation reason.

summary = 'Request Authority backend plugin.'
take_certificate_off_hold(serial_number)[source]

Take revoked certificate off hold.

Parameters

serial_number – Certificate serial number.

updateCRL(wait='false')[source]

Force update of the CRL

Parameters

wait – if true, the call will be synchronous and return only when the CRL has been generated

version = '1'