]>
git.proxmox.com Git - proxmox-backup.git/blob - src/bin/proxmox_backup_manager/cert.rs
24bd9cc6ff34f4f333ff9ace2eafc69139bb1196
1 use anyhow
::{bail, Error}
;
3 use proxmox
::api
::{api, cli::*}
;
5 use proxmox_backup
::config
;
6 use proxmox_backup
::auth_helpers
::*;
9 /// Display node certificate information.
10 fn cert_info() -> Result
<(), Error
> {
12 let cert
= proxmox_backup
::cert_info()?
;
14 println
!("Subject: {}", cert
.subject_name()?
);
16 if let Some(san
) = cert
.subject_alt_names() {
17 for name
in san
.iter() {
18 if let Some(v
) = name
.dnsname() {
19 println
!(" DNS:{}", v
);
20 } else if let Some(v
) = name
.ipaddress() {
21 println
!(" IP:{:?}", v
);
22 } else if let Some(v
) = name
.email() {
23 println
!(" EMAIL:{}", v
);
24 } else if let Some(v
) = name
.uri() {
25 println
!(" URI:{}", v
);
30 println
!("Issuer: {}", cert
.issuer_name()?
);
31 println
!("Validity:");
32 println
!(" Not Before: {}", cert
.not_before());
33 println
!(" Not After : {}", cert
.not_after());
35 println
!("Fingerprint (sha256): {}", cert
.fingerprint()?
);
37 let pubkey
= cert
.public_key()?
;
38 println
!("Public key type: {}", openssl
::nid
::Nid
::from_raw(pubkey
.id().as_raw()).long_name()?
);
39 println
!("Public key bits: {}", pubkey
.bits());
48 description
: "Force generation of new SSL certifate.",
55 /// Update node certificates and generate all needed files/directories.
56 fn update_certs(force
: Option
<bool
>) -> Result
<(), Error
> {
58 config
::create_configdir()?
;
60 if let Err(err
) = generate_auth_key() {
61 bail
!("unable to generate auth key - {}", err
);
64 if let Err(err
) = generate_csrf_key() {
65 bail
!("unable to generate csrf key - {}", err
);
68 config
::update_self_signed_cert(force
.unwrap_or(false))?
;
73 pub fn cert_mgmt_cli() -> CommandLineInterface
{
75 let cmd_def
= CliCommandMap
::new()
76 .insert("info", CliCommand
::new(&API_METHOD_CERT_INFO
))
77 .insert("update", CliCommand
::new(&API_METHOD_UPDATE_CERTS
));