• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1"""
2Create certificates and private keys for the 'simple' example.
3"""
4
5from __future__ import print_function
6
7from OpenSSL import crypto
8from certgen import (
9    createKeyPair,
10    createCertRequest,
11    createCertificate,
12)
13
14cakey = createKeyPair(crypto.TYPE_RSA, 2048)
15careq = createCertRequest(cakey, CN='Certificate Authority')
16# CA certificate is valid for five years.
17cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5))
18
19print('Creating Certificate Authority private key in "simple/CA.pkey"')
20with open('simple/CA.pkey', 'w') as capkey:
21    capkey.write(
22        crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8')
23    )
24
25print('Creating Certificate Authority certificate in "simple/CA.cert"')
26with open('simple/CA.cert', 'w') as ca:
27    ca.write(
28        crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8')
29    )
30
31for (fname, cname) in [('client', 'Simple Client'),
32                       ('server', 'Simple Server')]:
33    pkey = createKeyPair(crypto.TYPE_RSA, 2048)
34    req = createCertRequest(pkey, CN=cname)
35    # Certificates are valid for five years.
36    cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*365*5))
37
38    print('Creating Certificate %s private key in "simple/%s.pkey"'
39          % (fname, fname))
40    with open('simple/%s.pkey' % (fname,), 'w') as leafpkey:
41        leafpkey.write(
42            crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8')
43        )
44
45    print('Creating Certificate %s certificate in "simple/%s.cert"'
46          % (fname, fname))
47    with open('simple/%s.cert' % (fname,), 'w') as leafcert:
48        leafcert.write(
49            crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8')
50        )
51