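def createCertsAndKeys(host=None):
    """Regenerate the self-signed certificate and RSA key pair on disk.

    Any existing private key, public key, PEM certificate and CRT
    certificate files are deleted first. A fresh 2048-bit RSA key is then
    generated and used to self-sign an X.509 certificate (issuer == subject)
    that is valid from now for ten years and signed with SHA-512. The key
    pair and certificate are written as PEM; when Security.hasOpenSSL()
    reports true, a DER copy of the certificate is also produced with the
    ``openssl`` command-line tool.

    Args:
        host: Value for the certificate's Common Name. Defaults to the
            local hostname from socket.gethostname().
    """
    # Imported locally so this method does not depend on the module's
    # top-of-file import block.
    import secrets
    import subprocess

    if host is None:
        host = socket.gethostname()

    # Start from a clean slate so no stale key/certificate mix survives.
    File.deletes([
        Security.__privateKeyPath,
        Security.__publicKeyPath,
        Security.__certificatePemPath,
        Security.__certificateCrtPath
    ])

    key = OpenSSL.crypto.PKey()
    key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)

    certificate = OpenSSL.crypto.X509()
    subject = certificate.get_subject()
    subject.C = "US"
    subject.ST = "Oregon"
    subject.L = "Portland"
    subject.O = "Cocoscats"
    subject.OU = "Cocoscats"
    subject.CN = host

    # Same range as before (1..99999999999), but drawn from the OS CSPRNG
    # rather than the predictable Mersenne Twister behind random.randint.
    certificate.set_serial_number(secrets.randbelow(99999999999) + 1)
    certificate.gmtime_adj_notBefore(0)
    certificate.gmtime_adj_notAfter(10 * 365 * 24 * 60 * 60)
    # Self-signed: the issuer is the subject and the key signs itself.
    certificate.set_issuer(certificate.get_subject())
    certificate.set_pubkey(key)
    certificate.sign(key, "sha512")

    privateKeyData = OpenSSL.crypto.dump_privatekey(
        OpenSSL.crypto.FILETYPE_PEM, key)
    publicKeyData = OpenSSL.crypto.dump_publickey(
        OpenSSL.crypto.FILETYPE_PEM, key)
    certificateData = OpenSSL.crypto.dump_certificate(
        OpenSSL.crypto.FILETYPE_PEM, certificate)

    # NOTE(review): the private key is written unencrypted and
    # File.setContent is not visible here -- confirm it creates the file
    # with owner-only permissions.
    File.setContent(Security.__privateKeyPath,
                    privateKeyData, asBytes=True, mkdirs=True)
    File.setContent(Security.__publicKeyPath,
                    publicKeyData, asBytes=True, mkdirs=True)
    File.setContent(Security.__certificatePemPath,
                    certificateData, asBytes=True, mkdirs=True)

    if Security.hasOpenSSL():
        # Argument list instead of a shell string: the paths are passed to
        # openssl verbatim, so spaces or shell metacharacters in them can
        # neither break the command nor be interpreted by a shell.
        try:
            subprocess.run(
                ["openssl", "x509",
                 "-outform", "der",
                 "-in", Security.__certificatePemPath,
                 "-out", Security.__certificateCrtPath],
                check=False)
        except OSError:
            # The DER copy stays best-effort, as it was when the exit
            # status of os.system() was ignored.
            pass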
def deleteCertsAndKeys():
    """Delete the generated certificate files and both key files.

    Hands the CRT certificate, PEM certificate, private key and public key
    paths to File.deletes, in that order.
    """
    generatedPaths = [
        Security.__certificateCrtPath,
        Security.__certificatePemPath,
        Security.__privateKeyPath,
        Security.__publicKeyPath,
    ]
    File.deletes(generatedPaths)