Certificate Commands: add commands to verify and manage CRL

Change-Id: Id7b19e056b1b455fd7c4669916df6417599b7473

Certificate Commands: add commands to verify and manage CRL
fcb90363 · Xavier Jouslin de Noray · Andreas Traczyk · 671da238 · fcb90363
Commit fcb90363 authored 1 year ago by Xavier Jouslin de Noray Committed by Andreas Traczyk 1 year ago
--- a/developer/jami-plugins-certificate.md
+++ b/developer/jami-plugins-certificate.md
@@ -145,23 +145,34 @@ python3 ./SDK/certKey.py --plugin sign --issuer <path-to-plugin-certificate>\

 ## Revoked a certificate

-### Install dependencies
+### Create CRL

 ```bash
-sudo apt install openssl
+python3 ./certKey.py crl create --crl --issuer <path-to-ca> --subject crl <path-to-save-crl>
 ```
+
 ### Add Revoke certificate to CRL

 ```bash
-openssl ca -revoke <certificate-to-revoke>.crt \
-keyfile <private_key> -cert <issuer-certificate>.crt
+python3 ./certKey.py revoke --crl <path-to-crl> --subject <path-to-certificate-to-revoke> --issuer <path-to-ca> [--reason REASON]
+```
+
+## Verify certificate
+
+### Verify certificate signing request
+
+```bash
+python3 ./certKey.py --req [--archive] verify --path <path-to-csr> --issuer <path-to-issuer>
+```
+
+### Verify certificate
+
+```bash
+python3 ./certKey.py [--archive] verify --path <path-to-certificate> --issuer <path-to-issuer>
 ```

-### Update CRL file
+### Verify Jami Plugin

 ```bash
-openssl ca -gencrl -keyfile <private_key> \
-cert <X.509 certificate> -out /etc/<CRL_directory>/temp.crt && \
-cat <path-to-old-crt>/crl.crt /etc/<CRL_directory>/temp.crt > <path-to-crl-directory>/crl.crt \
-rm -rf /etc/<CRL_directory>/temp.crt <path-to-old-crt>/crl.crt
+python3 ./certKey.py [--archive] verify --path <path-to-plugin>
 ```