CertList - command getcert list
- class insights.parsers.getcert_list.CertList(context, extra_bad_lines=None)[source]
Bases:
CommandParser
Parse the output of
getcert list
.Stores data as a pseudo-dictionary, keyed on request ID. But it’s much easier to find requests based on their properties, using the
search
method. This finds requests based on their keys, e.g.search(stuck='no')
. Spaces and dashes are converted to underscores in the keys being sought, so one can search forkey_pair_storage
orpre_save_command
. Multiple keys can be searched in the same call, e..search(CA="IPA", stuck='yes')
. If no keys are given, no requests are returned.Sample output:
Number of certificates and requests being tracked: 2. Request ID '20130725003533': status: MONITORING stuck: no key pair storage: type=NSSDB,location='/etc/dirsrv/slapd-LDAP-EXAMPLE-COM',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/dirsrv/slapd-LDAP-EXAMPLE-COM/pwdfile.txt' certificate: type=NSSDB,location='/etc/dirsrv/slapd-LDAP-EXAMPLE-COM',nickname='Server-Cert',token='NSS Certificate DB' CA: IPA issuer: CN=Certificate Authority,O=LDAP.EXAMPLE.COM subject: CN=master.LDAP.EXAMPLE.COM,O=LDAP.EXAMPLE.COM expires: 2017-06-28 12:52:12 UTC eku: id-kp-serverAuth,id-kp-clientAuth pre-save command: post-save command: /usr/lib64/ipa/certmonger/restart_dirsrv LDAP-EXAMPLE-COM track: yes auto-renew: yes Request ID '20130725003602': status: MONITORING stuck: no key pair storage: type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/dirsrv/slapd-PKI-IPA/pwdfile.txt' certificate: type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS Certificate DB' CA: IPA issuer: CN=Certificate Authority,O=EXAMPLE.COM subject: CN=ldap.EXAMPLE.COM,O=EXAMPLE.COM expires: 2017-06-28 12:52:13 UTC eku: id-kp-serverAuth,id-kp-clientAuth pre-save command: post-save command: /usr/lib64/ipa/certmonger/restart_dirsrv PKI-IPA track: yes auto-renew: yes
- num_tracked
The number of ‘tracked’ certificates and requests, as given in the first line of the output.
- Type:
int
- requests
The list of request IDs as they appear in the output, as strings.
- Type:
list
Examples
>>> certs = shared[Cert_List] >>> certs.num_tracked # number of certificates tracked from first line 2 >>> len(certs) # number of requests stored - may be smaller than num_tracked 2 >>> certs.requests ['20130725003533', '20130725003602'] >>> '20130725003533' in certs True >>> certs['20130725003533']['issuer'] 'CN=Certificate Authority,O=LDAP.EXAMPLE.COM' >>> for request in certs.search(CA='IPA'): ... print request['certificate'] ... type=NSSDB,location='/etc/dirsrv/slapd-LDAP-EXAMPLE-COM',nickname='Server-Cert',token='NSS Certificate DB' type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS Certificate DB'