-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #397 from skalenetwork/sgx-certs-script
add doc and script to check certificates
- Loading branch information
Showing
2 changed files
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # How to check when the certificates stored on sgxwallet were created | ||
| - Download file `scripts/grep_certificates.py` from the sgxwallet repository and put it in sgxwallet repository directory on your machine. | ||
| - Go to sgxwallet repository directory. | ||
| - Run `python3 grep_certificates.py PATH_TO_SGXWALLET_DB_FOLDER`. PATH_TO_SGXWALLET_DB_FOLDER - path (either absolute or relative) to the `sgx_data` directory where sgxwallet db is stored. For example, `/root/sgxwallet/run_sgx/sgx_data` or `run_sgx/sgx_data` | ||
| - The script will output the dates when every certificate was created. | ||
| - Go to skale-node and run `cat .skale/node_data/sgx_certs/sgx.crt | grep "Not Before"`. | ||
| - Ensure that the output of the last command exists in the list from step 3 and it is the latest certificate there! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| import os | ||
| import re | ||
| import sys | ||
|
|
||
| def main(): | ||
| if len(sys.argv) != 2: | ||
| print("Wrong number of command line arguments: need exactly one") | ||
| exit(1) | ||
|
|
||
| path = sys.argv[1] | ||
| if not os.path.exists(path): | ||
| print("No such file or directory: ", path) | ||
| exit(2) | ||
|
|
||
| certs_path = os.path.join(path, "cert_data", "new_certs") | ||
| if not os.path.exists(certs_path): | ||
| print("No such file or directory: ", certs_path) | ||
| exit(3) | ||
|
|
||
| if len(os.listdir(certs_path)) == 0: | ||
| print("Empty certificates directory. Nothing to review.") | ||
| return | ||
|
|
||
| print("Total number of elements in folder:", len(os.listdir(certs_path))) | ||
| for entity in os.listdir(certs_path): | ||
| print("Reviewing", entity) | ||
| entity_path = os.path.join(certs_path, entity) | ||
| if not os.path.isfile(entity_path): | ||
| print("Not a regular file. Skipping.") | ||
| continue | ||
| _, extension = os.path.splitext(entity_path) | ||
| if extension != '.pem': | ||
| print("Not a ssl certificate file. Skipping.") | ||
| continue | ||
| with open(entity_path,"r") as file_one: | ||
| pattern = "Not Before" | ||
| for line in file_one: | ||
| if re.search(pattern, line): | ||
| print(line) | ||
| break | ||
|
|
||
| if __name__ == '__main__': | ||
| main() |