While generating key/cert you should press few times 'enter' and in the very end press "yes". How to do it in code like this?
buildkey = ["printf '\n\n\n\n\n\n\n\n\n\n ' | /etc/openvpn/easy-rsa/build-key"]
runBuildKey = subprocess.Popen(buildkey, shell=True )
Don't try to edit stdin at all here. Instead, open up your openssl.cnf, and modify it to get all the input you need from the environment, like so:
[ req_distinguished_name ]
countryName_default = $ENV::SSL_countryName
stateOrProvinceName_default = $ENV::SSL_stateOrProvinenceName
...and so forth. Once this is done, set the variables in your environment before calling build-key with the argument -batch. In bash, that might look like so:
SSL_countryName=foo SSL_stateOrProvinenceName=bar build-key -batch </dev/null
Alternately, in Python, you can do the same thing via arguments to subprocess.Popen:
subprocess.call(['/etc/openvpn/easy-rsa/build-key', '-batch'], env={
'SSL_countryName': 'foo',
'SSL_stateOrProvinenceName': 'bar',
# ...and so forth for any other $ENV::* setting you want to override
}, stdin=open('/dev/null', 'r'))
However, if you really want to pass a custom stream through for stdin, you can do that -- without any shell pipeline at all:
p = subprocess.Popen(['/etc/openvpn/easy-rsa/build-key'], stdin=subprocess.PIPE)
p.communicate('\n'.join(['', '', '', '', '', 'yes', '']))
# ^^
# use one of these for each item you want to press enter to before the "yes"
openssl.cnf(since you're using easy-rsa, you'll have one) to get all its input from environment variables, so you don't need to "press enter" on stdin at all./etc/openvpn/easy-rsa, see the fileopenssl.cnf?