- Added example for Service generated CSR on TPP.

rvelaVenafi · rvelaVenafi · commit 87081b3a947f · 2021-09-14T17:58:32.000-05:00
diff --git a/examples/get_cert_service_tpp.py b/examples/get_cert_service_tpp.py
@@ -17,7 +17,7 @@
 
 from __future__ import print_function
 
-from vcert import (CertificateRequest, Connection, RevocationRequest, CSR_ORIGIN_SERVICE)
+from vcert import (CertificateRequest, venafi_connection, RevocationRequest, CSR_ORIGIN_SERVICE)
 import string
 import random
 import logging
@@ -36,12 +36,11 @@ def main():
     zone = environ.get("TPP_ZONE")
     server_trust_bundle = environ.get('TPP_TRUST_BUNDLE')
 
-
     # Connection will be chosen automatically based on which arguments are passed.
     # If token is passed Venafi Cloud connection will be used.
     # If user, password, and URL Venafi Platform (TPP) will be used.
-    conn = Connection(url=url, user=user, password=password,
-                      http_request_kwargs={"verify": server_trust_bundle})
+    conn = venafi_connection(url=url, user=user, password=password,
+                             http_request_kwargs={"verify": server_trust_bundle})
     # If your TPP server certificate signed with your own CA, or available only via proxy, you can specify
     # a trust bundle using requests vars:
     # conn = Connection(url=url, token=token, user=user, password=password,
@@ -90,31 +89,6 @@ def main():
     fn.write(new_request.private_key_pem)
     fn.close()
 
-    revocation_req = RevocationRequest(req_id=request.id, comments="Just for test")
-    print("Revoke", conn.revoke_cert(revocation_req))
-
-    print("Trying to sign CSR")
-    csr_pem = open("example-csr.pem", "rb").read()
-    csr_request = CertificateRequest(csr=csr_pem.decode())
-    # zone_config = conn.read_zone_conf(zone)
-    # request.update_from_zone_config(zone_config)
-    conn.request_cert(csr_request, zone)
-
-    # and wait for signing
-    while True:
-        cert = conn.retrieve_cert(csr_request)
-        if cert:
-            break
-        else:
-            time.sleep(5)
-
-    # after that print cert and key
-    print(cert.full_chain)
-    # and save into file
-    f = open("/tmp/signed-cert.pem", "w")
-    f.write(cert.full_chain)
-    f.close()
-
 
 def random_word(length):
     letters = string.ascii_lowercase
