我正在尝试在 Python 中生成 CSR,而不使用 OpenSSL。如果有人能指出正确的方向,我将非常感激。
我假设你不想使用命令行 openssl 本身,Python 库就可以了。
这是我编写的用于创建 CSR 的辅助函数。它从生成的密钥对和 CSR 中返回私钥。该功能依赖于 pyOpenSSL.crypto。
def create_csr(self, common_name, country=None, state=None, city=None,
organization=None, organizational_unit=None,
email_address=None):
"""
Args:
common_name (str).
country (str).
state (str).
city (str).
organization (str).
organizational_unit (str).
email_address (str).
Returns:
(str, str). Tuple containing private key and certificate
signing request (PEM).
"""
key = OpenSSL.crypto.PKey()
key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
req = OpenSSL.crypto.X509Req()
req.get_subject().CN = common_name
if country:
req.get_subject().C = country
if state:
req.get_subject().ST = state
if city:
req.get_subject().L = city
if organization:
req.get_subject().O = organization
if organizational_unit:
req.get_subject().OU = organizational_unit
if email_address:
req.get_subject().emailAddress = email_address
req.set_pubkey(key)
req.sign(key, 'sha256')
private_key = OpenSSL.crypto.dump_privatekey(
OpenSSL.crypto.FILETYPE_PEM, key)
csr = OpenSSL.crypto.dump_certificate_request(
OpenSSL.crypto.FILETYPE_PEM, req)
return private_key, csr
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)