cls = <class 'ipatests.test_integration.test_caless.TestServerReplicaCALessToCAFull'> mh = <pytest_multihost.plugin.MultihostFixture object at 0x7f28ac50c040> @classmethod def install(cls, mh): cls.cert_dir = tempfile.mkdtemp(prefix="ipatest-") cls.pem_filename = os.path.join(cls.cert_dir, 'root.pem') cls.ca2_crt = 'ca2_crt.pem' cls.ca2_kdc_crt = 'ca2_kdc_crt.pem' cls.cert_password = cls.master.config.admin_password cls.crl_path = os.path.join(cls.master.config.test_dir, 'crl') if cls.replicas: # pylint: disable=using-constant-test replica_hostname = cls.replicas[0].hostname else: replica_hostname = 'unused-replica.test' if cls.clients: # pylint: disable=using-constant-test client_hostname = cls.clients[0].hostname else: client_hostname = 'unused-client.test' create_caless_pki.domain = unicode(cls.master.domain.name) create_caless_pki.realm = unicode(cls.master.domain.name.upper()) create_caless_pki.server1 = unicode(cls.master.hostname) create_caless_pki.server2 = unicode(replica_hostname) create_caless_pki.client = unicode(client_hostname) create_caless_pki.password = unicode(cls.master.config.dirman_password) create_caless_pki.cert_dir = unicode(cls.cert_dir) # here we generate our certificates (not yet converted to .p12) logger.info('Generating certificates to %s', cls.cert_dir) > create_caless_pki.create_pki() test_integration/test_caless.py:152: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ pytest_ipa/integration/create_caless_pki.py:563: in create_pki gen_subtree(u'subca', u'Subsidiary Example Organization', ca1) pytest_ipa/integration/create_caless_pki.py:498: in gen_subtree subca = gen_cert(profile_ca, nick_base, pytest_ipa/integration/create_caless_pki.py:312: in gen_cert builder = profile(builder, ca_nick, ca, **kwargs) pytest_ipa/integration/create_caless_pki.py:156: in profile_ca x509.AuthorityKeyIdentifier _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ cls = <class 'cryptography.x509.extensions.AuthorityKeyIdentifier'> ski = <Extension(oid=<ObjectIdentifier(oid=2.5.29.14, name=subjectKeyIdentifier)>, critical=False, value=<SubjectKeyIdentifier(digest=b"*\xcd\xe1\xbcX7L\xfb\x8c\xc4\xa2\xa4\xf2i\\'\x84\x95\xde{")>)> @classmethod def from_issuer_subject_key_identifier(cls, ski): return cls( > key_identifier=ski.digest, authority_cert_issuer=None, authority_cert_serial_number=None, ) E AttributeError: 'Extension' object has no attribute 'digest' ../cryptography/x509/extensions.py:221: AttributeError
python-cryptography deprecated passing an Extension object in favor of SubjectKeyIdentifier since 2.7 and turned this into the error in 3.0 [0].
python-cryptography
Extension
SubjectKeyIdentifier
[0]: https://github.com/pyca/cryptography/commit/3b2102af549c1095d5478bb1243ee4cf76b9762b
master:
ipa-4-8:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.