def sign_certificate_request(self, cert_req: X509Req, serial_number: int) -> X509: cert = X509() cert.set_issuer(self.__cert.get_subject()) cert.set_pubkey(cert_req.get_pubkey()) cert.set_subject(cert_req.get_subject()) cert.set_serial_number(serial_number) cert.gmtime_adj_notBefore(0) cert.gmtime_adj_notAfter(365 * 24 * 60 * 60) cert.sign(self.__pkey, "sha256") return cert
def make_cert(req: X509Req, ca_pkey: PKey) -> X509: cert = X509() cert.set_serial_number(1) cert.set_version(2) cert.set_subject(req.get_subject()) cert.set_pubkey(req.get_pubkey()) cert.set_notBefore(x509_time(minutes=-1)) cert.set_notAfter(x509_time(days=30)) # noinspection PyTypeChecker cert.sign(ca_pkey, 'sha1') return cert