def helper_generate_certificate(self, pkey):
"""Create a self-signed x509 certificate."""
name = X509.X509_Name()
name.C = 'NO'
name.ST = 'Oslo'
name.L = 'Oslo'
name.O = 'University of Oslo'
name.OU = 'Cerebrumtesting'
name.CN = '127.0.0.1'
name.emailAddress = '*****@*****.**'
cert = X509.X509()
cert.set_version(2)
cert.set_serial_number(1)
cert.set_subject(name)
t = long(time.time()) + time.timezone
now = ASN1.ASN1_UTCTIME()
now.set_time(t)
end = ASN1.ASN1_UTCTIME()
end.set_time(t + 60 * 60 * 24 * 365 * 10)
cert.set_not_before(now)
cert.set_not_after(end)
cert.set_issuer(name)
cert.set_pubkey(pkey)
#ext = X509.new_extension('subjectAltName', 'DNS:localhost')
#ext.set_critical(0)
#cert.add_ext(ext)
cert.sign(pkey, 'sha1')
return cert
def helper_sign_certificate(self, cakey, cacert, request):
"""Sign a certificate request by the given ca key and ca certificate."""
cert = X509.X509()
cert.set_version(2)
cert.set_serial_number(1)
cert.set_subject(request.get_subject())
t = long(time.time()) + time.timezone
now = ASN1.ASN1_UTCTIME()
now.set_time(t)
end = ASN1.ASN1_UTCTIME()
end.set_time(t + 60 * 60 * 24 * 365 * 10)
cert.set_not_before(now)
cert.set_not_after(end)
cert.set_issuer(cacert.get_subject())
cert.set_pubkey(request.get_pubkey())
#ext = X509.new_extension('subjectAltName', 'DNS:localhost')
#ext.set_critical(0)
#cert.add_ext(ext)
cert.sign(cakey, 'sha1')
return cert
