Optimized cloudflare implementation

module_utils/cert_utils.py

@@ -0,0 +1,39 @@
+#!/usr/bin/python
+
+import os
+import subprocess
+
+class CertUtils:
+    @staticmethod
+    def run_openssl(cert_path):
+        try:
+            output = subprocess.check_output(
+                ['openssl', 'x509', '-in', cert_path, '-noout', '-text'],
+                universal_newlines=True
+            )
+            return output
+        except subprocess.CalledProcessError:
+            return ""
+
+    @staticmethod
+    def extract_sans(cert_text):
+        dns_entries = []
+        in_san = False
+        for line in cert_text.splitlines():
+            line = line.strip()
+            if 'X509v3 Subject Alternative Name:' in line:
+                in_san = True
+                continue
+            if in_san:
+                if not line:
+                    break
+                dns_entries += [e.strip().replace('DNS:', '') for e in line.split(',') if e.strip()]
+        return dns_entries
+
+    @staticmethod
+    def list_cert_files(cert_base_path):
+        cert_files = []
+        for root, dirs, files in os.walk(cert_base_path):
+            if 'cert.pem' in files:
+                cert_files.append(os.path.join(root, 'cert.pem'))
+        return cert_files