def helper_generate_certificate(self, pkey): """Create a self-signed x509 certificate.""" name = X509.X509_Name() name.C = 'NO' name.ST = 'Oslo' name.L = 'Oslo' name.O = 'University of Oslo' name.OU = 'Cerebrumtesting' name.CN = '127.0.0.1' name.emailAddress = '*****@*****.**' cert = X509.X509() cert.set_version(2) cert.set_serial_number(1) cert.set_subject(name) t = long(time.time()) + time.timezone now = ASN1.ASN1_UTCTIME() now.set_time(t) end = ASN1.ASN1_UTCTIME() end.set_time(t + 60 * 60 * 24 * 365 * 10) cert.set_not_before(now) cert.set_not_after(end) cert.set_issuer(name) cert.set_pubkey(pkey) #ext = X509.new_extension('subjectAltName', 'DNS:localhost') #ext.set_critical(0) #cert.add_ext(ext) cert.sign(pkey, 'sha1') return cert
def helper_sign_certificate(self, cakey, cacert, request): """Sign a certificate request by the given ca key and ca certificate.""" cert = X509.X509() cert.set_version(2) cert.set_serial_number(1) cert.set_subject(request.get_subject()) t = long(time.time()) + time.timezone now = ASN1.ASN1_UTCTIME() now.set_time(t) end = ASN1.ASN1_UTCTIME() end.set_time(t + 60 * 60 * 24 * 365 * 10) cert.set_not_before(now) cert.set_not_after(end) cert.set_issuer(cacert.get_subject()) cert.set_pubkey(request.get_pubkey()) #ext = X509.new_extension('subjectAltName', 'DNS:localhost') #ext.set_critical(0) #cert.add_ext(ext) cert.sign(cakey, 'sha1') return cert