The issuer_uri is retrieved from the Authority Information Access field the same way as the OCSP responder URI is.
Handling is exactly the same since they reside in the same OID space and have the same data type.
Tests have also been added based on the integration test certificates.
Signed-off-by: benaryorg <binary@benary.org>
Signed-off-by: benaryorg <binary@benary.org>
* Prepare IDNA/Unicode conversion code. Use to normalize input.
* Use IDNA library first (IDNA2008) and Python's IDNA2003 implementation as a fallback.
* Make sure idna is installed.
* Add changelog fragment.
* 'punycode' → 'idna'.
* Add name_encoding options and tests.
* Avoid invalid character for IDNA2008.
* Linting.
* Forgot to upate value.
* Work around cryptography bug. Fix port handling for URIs.
* Forgot other place sensitive to cryptography bug.
* Forgot one. (Will likely still fail.)
* Decode IDNA in _compress_entry() to avoid comparison screw-ups.
* Work around Python 3.5 problem in Ansible 2.9's default test container.
* Update changelog fragment.
* Fix error, add tests.
* Python 2 compatibility.
* Update requirements.
* Fix empty check for openssl_pkcs12 tests.
* Remove unnecessary imports.
* Prevent crash if PyOpenSSL cannot be imported because of an AttributeError.
* Add changelog fragment.
* Fix constraints file.
* Use Python 2.7 instead of 3.5 for 2.9 cloud tests (pip module is broken).
* Prevent upgrading cryptography on ansible-core 2.12's default container with Python 3.9.
* Prepare for distutils.version being removed in Python 2.12.
* Fix copy'n'paste error.
* Re-add Loose prefix.
* Fix Python version typo.
* Improve formulation.
* Move message into own line.
* Fix casing, now that the object is no longer called Version.
* Remove assertonly backend.
* Remove assertonly tests.
* The expired test is basically a test of assertonly.
* Replace assertonly verification by _info + assert.
* Remove Ubuntu 16.04 (Xenial Xerus) from CI.
* Removing PyOpenSSL backend from everywhere but openssl_pkcs12.
* Remove PyOpenSSL support from module_utils that's not needed for openssl_pkcs12.
* Add changelog fragment.
* Add diff support to openssl_privatekey.
* Add diff support to openssl_csr.
* Add diff support to x509_crl.
* Add diff support to x509_certificate.
* Add diff support to openssl_publickey.
* Add changelog fragment.
* Prefer one fingerprint for diff infos to reduce noise.
* Apply suggestions from code review
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Return more public key information.
* Make sure bit size is converted to int first.
* Apply suggestions from code review
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Remove no longer necessary code.
* Use correct return value's name.
* Add trailing commas.
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Add openssl_publickey_info module. Share code between openssl_privatekey_info and the new module, and improve documentation of it.
* Move public key loading to support module.
* Require pyOpenSSL 16.0.0 for public key loading.
* Linting.
* Apply suggestions from code review
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Rename identify.py to pem.py.
* Move split PEM list code to pem.py crypto module_utils.
* Extend and use global certificate splitting code in acme_certificate.
* openssl_pkcs12: allow to load multiple certificates from files mentioned in other_certificates.
* Add changelog and module_utils redirect.
* Remove old check.
* Fix typo.
* Apply suggestions from code review
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Add example.
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Improve error messages for name decoding (not all names appear in SANs).
* Refactor DN parsing, add relative DN parsing code.
* Allow to specify CRL distribution points.
* Add changelog fragment.
* Fix typo.
* Make sure value argument to x509.NameAttribute is a text.
* Update changelogs/fragments/167-openssl_csr-crl-distribution-points.yml
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Add example.
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Move disk-independent parts of openssl_privatekey to module_utils and doc_fragments.
* Improve documentation.
* Add openssl_privatekey_pipe module.
* Fallback in case no fingerprints are returned.
* Prevent no_log=True for content to stop module from working correctly.
* Forgot version_added.
* Update copyright. All the interesting code is no longer in this file anyway.
* Remove file arguments.
* Add framework for action modules.
* Convert openssl_privatekey_pipe to action plugin.
* Linting.
* Bump version.
* Add return_current_key option.
* Add no_log to examples.
* Remove preparation for potential later extensibility (easy to re-add when needed).
* Fix deprecation version in docs.
* Use new ArgumentSpec object for AnsibleActionModule as well.
* Extract doc fragment from openssl_csr.
* Refactor openssl_csr module into backend + module.
* Add openssl_csr_pipe module.
* Add seealso references.
* ...
* Use /dev/stdin instead of -, which seems to be only supported by newer openssl versions.
* Bump version.
* DRY: use select_message_digest.
* Fix deprecation version in docs.
* Docs improvements.
* Improve argument spec handling for module backends.
* Linting.
* Fix linting problems by using kwargs.
