def create_x509_cert(cert_dir, x509_req): # Load the CA cert ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM, file_get_contents(os.path.join(cert_dir, "ca_cert.pem"))) # Load private key key = crypto.load_privatekey(crypto.FILETYPE_PEM, file_get_contents(os.path.join(cert_dir, "ca_key.pem"))) # Generate serial number serial = random.randint(1, 2048) # Valid for one year starting from now not_before = 0 not_after = 60 * 60 * 24 * 365 newcert = x509.create_cert(x509_req, ca_cert, key, serial, not_before, not_after) return crypto.dump_certificate(crypto.FILETYPE_PEM, newcert)
def create_x509_cert(cert_dir, x509_req): # Load the CA cert ca_cert = crypto.load_certificate( crypto.FILETYPE_PEM, file_get_contents(os.path.join(cert_dir, "ca_cert.pem"))) # Load private key key = crypto.load_privatekey( crypto.FILETYPE_PEM, file_get_contents(os.path.join(cert_dir, "ca_key.pem"))) # Generate serial number serial = random.randint(1, 2048) # Valid for one year starting from now not_before = 0 not_after = 60 * 60 * 24 * 365 newcert = x509.create_cert(x509_req, ca_cert, key, serial, not_before, not_after) return crypto.dump_certificate(crypto.FILETYPE_PEM, newcert)
cakey = x509.gen_rsa_keypair() # save ca_key.pem to filesystem open(os.path.join(CERT_DIR, 'ca_key.pem'), 'w').write(x509.key_as_pem(cakey)) # create cert request req = x509.create_x509_req(cakey, CN='CA', emailAddress='*****@*****.**', O='ConPaaS') five_years = 60 * 60 * 24 * 365 * 5 # create ca certificate, valid for five years cacert = x509.create_cert( req=req, issuer_cert=req, issuer_key=cakey, serial=random.randint(1, sys.maxint), not_before=0, not_after=five_years) # save ca_cert.pem to filesystem open(os.path.join(CERT_DIR, 'ca_cert.pem'), 'w').write( x509.cert_as_pem(cacert)) # create director key dkey = x509.gen_rsa_keypair() # save key.pem to filesystem open(os.path.join(CERT_DIR, 'key.pem'), 'w').write(x509.key_as_pem(dkey)) # create director cert request
# save ca_key.pem to filesystem open(os.path.join(CERT_DIR, 'ca_key.pem'), 'w').write(x509.key_as_pem(cakey)) # create cert request req = x509.create_x509_req(cakey, CN='CA', emailAddress='*****@*****.**', O='ConPaaS') five_years = 60 * 60 * 24 * 365 * 5 # create ca certificate, valid for five years cacert = x509.create_cert(req=req, issuer_cert=req, issuer_key=cakey, serial=random.randint(1, sys.maxint), not_before=0, not_after=five_years) # save ca_cert.pem to filesystem open(os.path.join(CERT_DIR, 'ca_cert.pem'), 'w').write(x509.cert_as_pem(cacert)) # create director key dkey = x509.gen_rsa_keypair() # save key.pem to filesystem open(os.path.join(CERT_DIR, 'key.pem'), 'w').write(x509.key_as_pem(dkey)) # create director cert request req = x509.create_x509_req(dkey,