Skip to content

Instantly share code, notes, and snippets.

@cbwar

cbwar/ssl.py

Created April 5, 2017 12:13
Show Gist options
  • Save cbwar/0c59f6fc9b6676e77dcf7cc42ad70aca to your computer and use it in GitHub Desktop.
Save cbwar/0c59f6fc9b6676e77dcf7cc42ad70aca to your computer and use it in GitHub Desktop.
Download ZIP
Python: Create self-signed ssl certificate
Raw
ssl.py
def create_ssl_certificate(distinguished_name, key_file, cert_file, overwrite=False, X509=None):
from OpenSSL import crypto
if not os.path.exists(cert_file) or not os.path.exists(key_file) or overwrite:
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, 1024)
if X509 is None:
X509 = crypto.X509()
X509.get_subject().C = "FR"
X509.get_subject().ST = "Strasbourg"
X509.get_subject().L = "."
X509.get_subject().O = "Some stuff"
X509.get_subject().OU = "Some other stuff"
X509.get_subject().CN = distinguished_name
X509.set_serial_number(1)
X509.gmtime_adj_notBefore(0)
X509.gmtime_adj_notAfter(315360000)
X509.set_issuer(X509.get_subject())
X509.set_pubkey(k)
X509.sign(k, 'sha1')
open(cert_file, "wt").write(crypto.dump_certificate(crypto.FILETYPE_PEM, X509).decode('utf-8'))
open(key_file, "wt").write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode('utf-8'))
return cert_file, key_file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment