Rename PKI arguments

fixes #7427
This commit is contained in:
Michael Friedrich 2014-10-22 15:36:39 +02:00
parent 177117cbe1
commit 6bfd6312f5
7 changed files with 74 additions and 74 deletions

View File

@ -149,7 +149,7 @@ namespace Icinga
if (!File.Exists(pathPrefix + ".crt")) { if (!File.Exists(pathPrefix + ".crt")) {
if (!RunProcess(Icinga2InstallDir + "\\sbin\\icinga2.exe", if (!RunProcess(Icinga2InstallDir + "\\sbin\\icinga2.exe",
"pki new-cert --cn \"" + txtInstanceName.Text + "\" --keyfile \"" + pathPrefix + ".key\" --certfile \"" + pathPrefix + ".crt\"", "pki new-cert --cn \"" + txtInstanceName.Text + "\" --key \"" + pathPrefix + ".key\" --cert \"" + pathPrefix + ".crt\"",
out output)) { out output)) {
ShowErrorText(output); ShowErrorText(output);
return; return;
@ -161,7 +161,7 @@ namespace Icinga
_TrustedFile = Path.GetTempFileName(); _TrustedFile = Path.GetTempFileName();
if (!RunProcess(Icinga2InstallDir + "\\sbin\\icinga2.exe", if (!RunProcess(Icinga2InstallDir + "\\sbin\\icinga2.exe",
"pki save-cert --host \"" + host + "\" --port \"" + port + "\" --keyfile \"" + pathPrefix + ".key\" --certfile \"" + pathPrefix + ".crt\" --trustedfile \"" + _TrustedFile + "\"", "pki save-cert --host \"" + host + "\" --port \"" + port + "\" --key \"" + pathPrefix + ".key\" --cert \"" + pathPrefix + ".crt\" --trustedcert \"" + _TrustedFile + "\"",
out output)) { out output)) {
ShowErrorText(output); ShowErrorText(output);
return; return;

View File

@ -197,8 +197,8 @@ object name.
Example: Example:
# icinga2 pki new-cert --cn icinga2a --keyfile icinga2a.key --csrfile icinga2a.csr # icinga2 pki new-cert --cn icinga2a --key icinga2a.key --csr icinga2a.csr
# icinga2 pki sign-csr --csrfile icinga2a.csr --certfile icinga2a.crt # icinga2 pki sign-csr --csr icinga2a.csr --cert icinga2a.crt
# vim cluster.conf # vim cluster.conf
@ -241,8 +241,8 @@ following command:
Now create a certificate and key file for each node running the following command Now create a certificate and key file for each node running the following command
(replace `icinga2a` with the required hostname): (replace `icinga2a` with the required hostname):
# icinga2 pki new-cert --cn icinga2a --keyfile icinga2a.key --csrfile icinga2a.csr # icinga2 pki new-cert --cn icinga2a --key icinga2a.key --csr icinga2a.csr
# icinga2 pki sign-csr --csrfile icinga2a.csr --certfile icinga2a.crt # icinga2 pki sign-csr --csr icinga2a.csr --cert icinga2a.crt
Repeat the step for all nodes in your cluster scenario. Repeat the step for all nodes in your cluster scenario.

View File

@ -70,7 +70,7 @@ void AgentSetupCommand::InitParameters(boost::program_options::options_descripti
std::vector<String> AgentSetupCommand::GetArgumentSuggestions(const String& argument, const String& word) const std::vector<String> AgentSetupCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{ {
if (argument == "keyfile" || argument == "certfile" || argument == "trustedcert") if (argument == "key" || argument == "cert" || argument == "trustedcert")
return GetBashCompletionSuggestions("file", word); return GetBashCompletionSuggestions("file", word);
else if (argument == "host") else if (argument == "host")
return GetBashCompletionSuggestions("hostname", word); return GetBashCompletionSuggestions("hostname", word);
@ -133,11 +133,11 @@ int AgentSetupCommand::SetupMaster(const boost::program_options::variables_map&
if (vm.count("cn")) if (vm.count("cn"))
cn = vm["cn"].as<std::string>(); cn = vm["cn"].as<std::string>();
String keyfile = local_pki_path + "/" + cn + ".key"; String key = local_pki_path + "/" + cn + ".key";
String certfile = local_pki_path + "/" + cn + ".crt"; String cert = local_pki_path + "/" + cn + ".crt";
String cafile = PkiUtility::GetLocalCaPath() + "/ca.crt"; String ca = PkiUtility::GetLocalCaPath() + "/ca.crt";
if (PkiUtility::NewCert(cn, keyfile, Empty, certfile) > 0) { if (PkiUtility::NewCert(cn, key, Empty, cert) > 0) {
Log(LogCritical, "cli", "Failed to create self-signed certificate"); Log(LogCritical, "cli", "Failed to create self-signed certificate");
} }
@ -150,14 +150,14 @@ int AgentSetupCommand::SetupMaster(const boost::program_options::variables_map&
Log(LogInformation, "cli") Log(LogInformation, "cli")
<< "Moving certificates to " << pki_path << "."; << "Moving certificates to " << pki_path << ".";
String target_keyfile = pki_path + "/" + cn + ".key"; String target_key = pki_path + "/" + cn + ".key";
String target_certfile = pki_path + "/" + cn + ".crt"; String target_cert = pki_path + "/" + cn + ".crt";
String target_cafile = pki_path + "/ca.crt"; String target_ca = pki_path + "/ca.crt";
//TODO //TODO
PkiUtility::CopyCertFile(keyfile, target_keyfile); PkiUtility::CopyCertFile(key, target_key);
PkiUtility::CopyCertFile(certfile, target_certfile); PkiUtility::CopyCertFile(cert, target_cert);
PkiUtility::CopyCertFile(cafile, target_cafile); PkiUtility::CopyCertFile(ca, target_ca);
std::cout << ConsoleColorTag(Console_ForegroundRed | Console_Bold) << "PLACEHOLDER" << ConsoleColorTag(Console_Normal) << std::endl; std::cout << ConsoleColorTag(Console_ForegroundRed | Console_Bold) << "PLACEHOLDER" << ConsoleColorTag(Console_Normal) << std::endl;
@ -248,7 +248,7 @@ int AgentSetupCommand::SetupAgent(const boost::program_options::variables_map& v
if (!vm.count("trustedcert")) { if (!vm.count("trustedcert")) {
Log(LogCritical, "cli") Log(LogCritical, "cli")
<< "Please pass the trusted cert retrieved from the master\n" << "Please pass the trusted cert retrieved from the master\n"
<< "(Hint: 'icinga2 pki save-cert --host <masterhost> --port <5665> --keyfile local.key --certfile local.crt --trustedfile master.crt')."; << "(Hint: 'icinga2 pki save-cert --host <masterhost> --port <5665> --key local.key --cert local.crt --trustedcert master.crt').";
return 1; return 1;
} }
@ -276,28 +276,28 @@ int AgentSetupCommand::SetupAgent(const boost::program_options::variables_map& v
String local_pki_path = PkiUtility::GetLocalPkiPath(); String local_pki_path = PkiUtility::GetLocalPkiPath();
String keyfile = local_pki_path + "/" + cn + ".key"; String key = local_pki_path + "/" + cn + ".key";
String certfile = local_pki_path + "/" + cn + ".crt"; String cert = local_pki_path + "/" + cn + ".crt";
String cafile = PkiUtility::GetLocalCaPath() + "/ca.crt"; String ca = PkiUtility::GetLocalCaPath() + "/ca.crt";
//TODO: local CA or any other one? //TODO: local CA or any other one?
if (!Utility::PathExists(cafile)) { if (!Utility::PathExists(ca)) {
Log(LogCritical, "cli") Log(LogCritical, "cli")
<< "CA file '" << cafile << "' does not exist. Please generate a new CA first.\n" << "CA file '" << ca << "' does not exist. Please generate a new CA first.\n"
<< "Hist: 'icinga2 pki new-ca'"; << "Hist: 'icinga2 pki new-ca'";
return 1; return 1;
} }
if (!Utility::PathExists(keyfile)) { if (!Utility::PathExists(key)) {
Log(LogCritical, "cli") Log(LogCritical, "cli")
<< "Private key file '" << keyfile << "' does not exist. Please generate a new certificate first.\n" << "Private key file '" << key << "' does not exist. Please generate a new certificate first.\n"
<< "Hist: 'icinga2 pki new-cert'"; << "Hist: 'icinga2 pki new-cert'";
return 1; return 1;
} }
if (!Utility::PathExists(certfile)) { if (!Utility::PathExists(cert)) {
Log(LogCritical, "cli") Log(LogCritical, "cli")
<< "Cert file '" << certfile << "' does not exist. Please generate a new certificate first.\n" << "Cert file '" << cert << "' does not exist. Please generate a new certificate first.\n"
<< "Hist: 'icinga2 pki new-cert'"; << "Hist: 'icinga2 pki new-cert'";
return 1; return 1;
} }
@ -308,7 +308,7 @@ int AgentSetupCommand::SetupAgent(const boost::program_options::variables_map& v
String port = "5665"; String port = "5665";
PkiUtility::RequestCertificate(master_host, master_port, keyfile, certfile, cafile, trustedcert, ticket); PkiUtility::RequestCertificate(master_host, master_port, key, cert, ca, trustedcert, ticket);
/* /*
* 5. get public key signed by the master, private key and ca.crt and copy it to /etc/icinga2/pki * 5. get public key signed by the master, private key and ca.crt and copy it to /etc/icinga2/pki

View File

@ -41,14 +41,14 @@ void PKINewCertCommand::InitParameters(boost::program_options::options_descripti
{ {
visibleDesc.add_options() visibleDesc.add_options()
("cn", po::value<std::string>(), "Common Name") ("cn", po::value<std::string>(), "Common Name")
("keyfile", po::value<std::string>(), "Key file path (output") ("key", po::value<std::string>(), "Key file path (output")
("csrfile", po::value<std::string>(), "CSR file path (optional, output)") ("csr", po::value<std::string>(), "CSR file path (optional, output)")
("certfile", po::value<std::string>(), "Certificate file path (optional, output)"); ("cert", po::value<std::string>(), "Certificate file path (optional, output)");
} }
std::vector<String> PKINewCertCommand::GetArgumentSuggestions(const String& argument, const String& word) const std::vector<String> PKINewCertCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{ {
if (argument == "keyfile" || argument == "csrfile" || argument == "certfile") if (argument == "key" || argument == "csr" || argument == "cert")
return GetBashCompletionSuggestions("file", word); return GetBashCompletionSuggestions("file", word);
else else
return CLICommand::GetArgumentSuggestions(argument, word); return CLICommand::GetArgumentSuggestions(argument, word);
@ -66,18 +66,18 @@ int PKINewCertCommand::Run(const boost::program_options::variables_map& vm, cons
return 1; return 1;
} }
if (!vm.count("keyfile")) { if (!vm.count("key")) {
Log(LogCritical, "cli", "Key file path (--keyfile) must be specified."); Log(LogCritical, "cli", "Key file path (--key) must be specified.");
return 1; return 1;
} }
String csrfile, certfile; String csr, cert;
if (vm.count("csrfile")) if (vm.count("csr"))
csrfile = vm["csrfile"].as<std::string>(); csr = vm["csr"].as<std::string>();
if (vm.count("certfile")) if (vm.count("cert"))
certfile = vm["certfile"].as<std::string>(); cert = vm["cert"].as<std::string>();
return PkiUtility::NewCert(vm["cn"].as<std::string>(), vm["keyfile"].as<std::string>(), csrfile, certfile); return PkiUtility::NewCert(vm["cn"].as<std::string>(), vm["key"].as<std::string>(), csr, cert);
} }

View File

@ -41,10 +41,10 @@ void PKIRequestCommand::InitParameters(boost::program_options::options_descripti
boost::program_options::options_description& hiddenDesc) const boost::program_options::options_description& hiddenDesc) const
{ {
visibleDesc.add_options() visibleDesc.add_options()
("keyfile", po::value<std::string>(), "Key file path (input)") ("key", po::value<std::string>(), "Key file path (input)")
("certfile", po::value<std::string>(), "Certificate file path (input + output)") ("cert", po::value<std::string>(), "Certificate file path (input + output)")
("cafile", po::value<std::string>(), "CA file path (output)") ("ca", po::value<std::string>(), "CA file path (output)")
("trustedfile", po::value<std::string>(), "Trusted certificate file path (input)") ("trustedcert", po::value<std::string>(), "Trusted certificate file path (input)")
("host", po::value<std::string>(), "Icinga 2 host") ("host", po::value<std::string>(), "Icinga 2 host")
("port", po::value<std::string>(), "Icinga 2 port") ("port", po::value<std::string>(), "Icinga 2 port")
("ticket", po::value<std::string>(), "Icinga 2 PKI ticket"); ("ticket", po::value<std::string>(), "Icinga 2 PKI ticket");
@ -52,7 +52,7 @@ void PKIRequestCommand::InitParameters(boost::program_options::options_descripti
std::vector<String> PKIRequestCommand::GetArgumentSuggestions(const String& argument, const String& word) const std::vector<String> PKIRequestCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{ {
if (argument == "keyfile" || argument == "certfile" || argument == "cafile" || argument == "trustedfile") if (argument == "key" || argument == "cert" || argument == "ca" || argument == "trustedcert")
return GetBashCompletionSuggestions("file", word); return GetBashCompletionSuggestions("file", word);
else if (argument == "host") else if (argument == "host")
return GetBashCompletionSuggestions("hostname", word); return GetBashCompletionSuggestions("hostname", word);
@ -74,23 +74,23 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
return 1; return 1;
} }
if (!vm.count("keyfile")) { if (!vm.count("key")) {
Log(LogCritical, "cli", "Key input file path (--keyfile) must be specified."); Log(LogCritical, "cli", "Key input file path (--key) must be specified.");
return 1; return 1;
} }
if (!vm.count("certfile")) { if (!vm.count("cert")) {
Log(LogCritical, "cli", "Certificate output file path (--certfile) must be specified."); Log(LogCritical, "cli", "Certificate output file path (--cert) must be specified.");
return 1; return 1;
} }
if (!vm.count("cafile")) { if (!vm.count("ca")) {
Log(LogCritical, "cli", "CA certificate output file path (--cafile) must be specified."); Log(LogCritical, "cli", "CA certificate output file path (--ca) must be specified.");
return 1; return 1;
} }
if (!vm.count("trustedfile")) { if (!vm.count("trustedcert")) {
Log(LogCritical, "cli", "Trusted certificate input file path (--trustedfile) must be specified."); Log(LogCritical, "cli", "Trusted certificate input file path (--trustedcert) must be specified.");
return 1; return 1;
} }
@ -104,7 +104,7 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
if (vm.count("port")) if (vm.count("port"))
port = vm["port"].as<std::string>(); port = vm["port"].as<std::string>();
return PkiUtility::RequestCertificate(vm["host"].as<std::string>(), port, vm["keyfile"].as<std::string>(), return PkiUtility::RequestCertificate(vm["host"].as<std::string>(), port, vm["key"].as<std::string>(),
vm["certfile"].as<std::string>(), vm["cafile"].as<std::string>(), vm["trustedfile"].as<std::string>(), vm["cert"].as<std::string>(), vm["ca"].as<std::string>(), vm["trustedcert"].as<std::string>(),
vm["ticket"].as<std::string>()); vm["ticket"].as<std::string>());
} }

View File

@ -40,16 +40,16 @@ void PKISaveCertCommand::InitParameters(boost::program_options::options_descript
boost::program_options::options_description& hiddenDesc) const boost::program_options::options_description& hiddenDesc) const
{ {
visibleDesc.add_options() visibleDesc.add_options()
("keyfile", po::value<std::string>(), "Key file path (input)") ("key", po::value<std::string>(), "Key file path (input)")
("certfile", po::value<std::string>(), "Certificate file path (input)") ("cert", po::value<std::string>(), "Certificate file path (input)")
("trustedfile", po::value<std::string>(), "Trusted certificate file path (output)") ("trustedcert", po::value<std::string>(), "Trusted certificate file path (output)")
("host", po::value<std::string>(), "Icinga 2 host") ("host", po::value<std::string>(), "Icinga 2 host")
("port", po::value<std::string>(), "Icinga 2 port"); ("port", po::value<std::string>(), "Icinga 2 port");
} }
std::vector<String> PKISaveCertCommand::GetArgumentSuggestions(const String& argument, const String& word) const std::vector<String> PKISaveCertCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{ {
if (argument == "keyfile" || argument == "certfile" || argument == "trustedfile") if (argument == "key" || argument == "cert" || argument == "trustedcert")
return GetBashCompletionSuggestions("file", word); return GetBashCompletionSuggestions("file", word);
else if (argument == "host") else if (argument == "host")
return GetBashCompletionSuggestions("hostname", word); return GetBashCompletionSuggestions("hostname", word);
@ -71,18 +71,18 @@ int PKISaveCertCommand::Run(const boost::program_options::variables_map& vm, con
return 1; return 1;
} }
if (!vm.count("keyfile")) { if (!vm.count("key")) {
Log(LogCritical, "cli", "Key input file path (--keyfile) must be specified."); Log(LogCritical, "cli", "Key input file path (--key) must be specified.");
return 1; return 1;
} }
if (!vm.count("certfile")) { if (!vm.count("cert")) {
Log(LogCritical, "cli", "Certificate input file path (--certfile) must be specified."); Log(LogCritical, "cli", "Certificate input file path (--cert) must be specified.");
return 1; return 1;
} }
if (!vm.count("trustedfile")) { if (!vm.count("trustedcert")) {
Log(LogCritical, "cli", "Trusted certificate output file path (--trustedfile) must be specified."); Log(LogCritical, "cli", "Trusted certificate output file path (--trustedcert) must be specified.");
return 1; return 1;
} }
@ -91,5 +91,5 @@ int PKISaveCertCommand::Run(const boost::program_options::variables_map& vm, con
if (vm.count("port")) if (vm.count("port"))
port = vm["port"].as<std::string>(); port = vm["port"].as<std::string>();
return PkiUtility::SaveCert(vm["host"].as<std::string>(), port, vm["keyfile"].as<std::string>(), vm["certfile"].as<std::string>(), vm["trustedfile"].as<std::string>()); return PkiUtility::SaveCert(vm["host"].as<std::string>(), port, vm["key"].as<std::string>(), vm["cert"].as<std::string>(), vm["trustedcert"].as<std::string>());
} }

View File

@ -40,13 +40,13 @@ void PKISignCSRCommand::InitParameters(boost::program_options::options_descripti
boost::program_options::options_description& hiddenDesc) const boost::program_options::options_description& hiddenDesc) const
{ {
visibleDesc.add_options() visibleDesc.add_options()
("csrfile", po::value<std::string>(), "CSR file path (input)") ("csr", po::value<std::string>(), "CSR file path (input)")
("certfile", po::value<std::string>(), "Certificate file path (output)"); ("cert", po::value<std::string>(), "Certificate file path (output)");
} }
std::vector<String> PKISignCSRCommand::GetArgumentSuggestions(const String& argument, const String& word) const std::vector<String> PKISignCSRCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{ {
if (argument == "csrfile" || argument == "certfile") if (argument == "csr" || argument == "cert")
return GetBashCompletionSuggestions("file", word); return GetBashCompletionSuggestions("file", word);
else else
return CLICommand::GetArgumentSuggestions(argument, word); return CLICommand::GetArgumentSuggestions(argument, word);
@ -59,15 +59,15 @@ std::vector<String> PKISignCSRCommand::GetArgumentSuggestions(const String& argu
*/ */
int PKISignCSRCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const int PKISignCSRCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
{ {
if (!vm.count("csrfile")) { if (!vm.count("csr")) {
Log(LogCritical, "cli", "Certificate signing request file path (--csrfile) must be specified."); Log(LogCritical, "cli", "Certificate signing request file path (--csr) must be specified.");
return 1; return 1;
} }
if (!vm.count("certfile")) { if (!vm.count("cert")) {
Log(LogCritical, "cli", "Certificate file path (--certfile) must be specified."); Log(LogCritical, "cli", "Certificate file path (--cert) must be specified.");
return 1; return 1;
} }
return PkiUtility::SignCsr(vm["csrfile"].as<std::string>(), vm["certfile"].as<std::string>()); return PkiUtility::SignCsr(vm["csr"].as<std::string>(), vm["cert"].as<std::string>());
} }