1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
"""
Create certificates and private keys for the 'simple' example.
"""
from OpenSSL import crypto
from certgen import * # yes yes, I know, I'm lazy
cakey = createKeyPair(TYPE_RSA, 2048)
careq = createCertRequest(cakey, CN='Certificate Authority')
cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5)) # five years
print('Creating Certificate Authority private key in "simple/CA.pkey"')
with open('simple/CA.pkey', 'w') as capkey:
capkey.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8'))
print('Creating Certificate Authority certificate in "simple/CA.cert"')
with open('simple/CA.cert', 'w') as ca:
ca.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8'))
for (fname, cname) in [('client', 'Simple Client'), ('server', 'Simple Server')]:
pkey = createKeyPair(TYPE_RSA, 2048)
req = createCertRequest(pkey, CN=cname)
cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*365*5)) # five years
print('Creating Certificate %s private key in "simple/%s.pkey"' % (fname, fname))
with open('simple/%s.pkey' % (fname,), 'w') as leafpkey:
leafpkey.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8'))
print('Creating Certificate %s certificate in "simple/%s.cert"' % (fname, fname))
with open('simple/%s.cert' % (fname,), 'w') as leafcert:
leafcert.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
|