Better custom cert handling in the superuser tool

We now only allow certificates ending in .crt to be uploaded and we automatically install the certificate once it has been validated

test/test_api_usage.py

@@ -4457,21 +4457,21 @@ class TestSuperUserCustomCertificates(ApiTestCase):
 
     # Upload a certificate.
     cert_contents, _ = generate_test_cert(hostname='somecoolhost', san_list=['DNS:bar', 'DNS:baz'])
-    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert'),
-                      file=(StringIO(cert_contents), 'testcert'), expected_code=204)
+    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert.crt'),
+                      file=(StringIO(cert_contents), 'testcert.crt'), expected_code=204)
 
     # Make sure it is present.
     json = self.getJsonResponse(SuperUserCustomCertificates)
     self.assertEquals(1, len(json['certs']))
 
     cert_info = json['certs'][0]
-    self.assertEquals('testcert', cert_info['path'])
+    self.assertEquals('testcert.crt', cert_info['path'])
 
     self.assertEquals(set(['somecoolhost', 'bar', 'baz']), set(cert_info['names']))
     self.assertFalse(cert_info['expired'])
 
     # Remove the certificate.
-    self.deleteResponse(SuperUserCustomCertificate, params=dict(certpath='testcert'))
+    self.deleteResponse(SuperUserCustomCertificate, params=dict(certpath='testcert.crt'))
 
     # Make sure it is gone.
     json = self.getJsonResponse(SuperUserCustomCertificates)
@@ -4482,15 +4482,15 @@ class TestSuperUserCustomCertificates(ApiTestCase):
 
     # Upload a certificate.
     cert_contents, _ = generate_test_cert(hostname='somecoolhost', expires=-10)
-    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert'),
-                      file=(StringIO(cert_contents), 'testcert'), expected_code=204)
+    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert.crt'),
+                      file=(StringIO(cert_contents), 'testcert.crt'), expected_code=204)
 
     # Make sure it is present.
     json = self.getJsonResponse(SuperUserCustomCertificates)
     self.assertEquals(1, len(json['certs']))
 
     cert_info = json['certs'][0]
-    self.assertEquals('testcert', cert_info['path'])
+    self.assertEquals('testcert.crt', cert_info['path'])
 
     self.assertEquals(set(['somecoolhost']), set(cert_info['names']))
     self.assertTrue(cert_info['expired'])
@@ -4499,15 +4499,15 @@ class TestSuperUserCustomCertificates(ApiTestCase):
     self.login(ADMIN_ACCESS_USER)
 
     # Upload an invalid certificate.
-    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert'),
-                      file=(StringIO('some contents'), 'testcert'), expected_code=204)
+    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert.crt'),
+                      file=(StringIO('some contents'), 'testcert.crt'), expected_code=204)
 
     # Make sure it is present but invalid.
     json = self.getJsonResponse(SuperUserCustomCertificates)
     self.assertEquals(1, len(json['certs']))
 
     cert_info = json['certs'][0]
-    self.assertEquals('testcert', cert_info['path'])
+    self.assertEquals('testcert.crt', cert_info['path'])
     self.assertEquals('no start line', cert_info['error'])
 
   def test_path_sanitization(self):
@@ -4515,15 +4515,15 @@ class TestSuperUserCustomCertificates(ApiTestCase):
 
     # Upload a certificate.
     cert_contents, _ = generate_test_cert(hostname='somecoolhost', expires=-10)
-    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert/../foobar'),
-                      file=(StringIO(cert_contents), 'testcert/../foobar'), expected_code=204)
+    self.postResponse(SuperUserCustomCertificate, params=dict(certpath='testcert/../foobar.crt'),
+                      file=(StringIO(cert_contents), 'testcert/../foobar.crt'), expected_code=204)
 
     # Make sure it is present.
     json = self.getJsonResponse(SuperUserCustomCertificates)
     self.assertEquals(1, len(json['certs']))
 
     cert_info = json['certs'][0]
-    self.assertEquals('foobar', cert_info['path'])
+    self.assertEquals('foobar.crt', cert_info['path'])
 
 
 class TestSuperUserTakeOwnership(ApiTestCase):