Merge lp://qastaging/~jacekn/charm-helpers/charm-helpers-ssl into lp://qastaging/charm-helpers

This looks quite helpful. Thanks.

I see a few issues here.

Running this as generate_selfsigned("mykey", "mycert") fails:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "charmhelpers/contrib/ssl/__init__.py", line 19, in generate_selfsigned
    subprocess.check_call(cmd)
UnboundLocalError: local variable 'cmd' referenced before assignment

There should be a test that catches this.

Furthermore, the "subject" argument is a little opaque. I somewhat expected to be able to pass it a hostname, but that's not at all what's needed. I'd recommend any combination of:

1. Adding a docstring with a little explanation
2. Exposing the subject components as function args (rather than as one dict)

As a bonus, it might be nice to allow users to specify the number of bits the for the cert as 1024 will inevitably fall out of vogue.
3. Building a simple "CertificateSubject" class to help users construct a valid subject
4. Providing reasonable defaults.

I'm able to get the new function succeed using the "cn" parameter, but it explodes[1] when I try to use "subject." I've tried that one with various permutations on the keys included in the dict. I haven't tested the "config" parameter.

Also, I notice you're returning False for failures, but when the function actually succeeds, it returns None. You might want an explicit "return True" at the end.

[1] http://pastebin.ubuntu.com/6034287/

I added more error checking and return True statement.

Your test is failing as expected, country code should be 2 letter code. With my changes this will be picked up by the try/except block I added but there is no way I can return exact reason for openssl command failure.

Ah, that makes sense. With these changes, LGTM.