gotthard_g/aaredb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aaredb/backend/app/ssl_heidi.py
GotthardG a0be71bdfe Fix formatting with black
2024-12-16 10:41:56 +01:00

58 lines
1.9 KiB
Python
Raw Blame History

# Generate SSL Key and Certificate
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.serialization import Encoding
import datetime
def generate_self_signed_cert(cert_file: str, key_file: str):
# Generate private key
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
)
# Write private key to file
with open(key_file, "wb") as f:
f.write(
key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
)
)
# Generate self-signed certificate
subject = issuer = x509.Name(
[
x509.NameAttribute(NameOID.COUNTRY_NAME, "CH"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "Argau"),
x509.NameAttribute(NameOID.LOCALITY_NAME, "Villigen"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Paul Scherrer Institut"),
x509.NameAttribute(NameOID.COMMON_NAME, "PSI.CH"),
]
)
cert = (
x509.CertificateBuilder()
.subject_name(subject)
.issuer_name(issuer)
.public_key(key.public_key())
.serial_number(x509.random_serial_number())
.not_valid_before(datetime.datetime.utcnow())
.not_valid_after(
# Our certificate will be valid for 10 days
datetime.datetime.utcnow()
+ datetime.timedelta(days=10)
)
.add_extension(
x509.SubjectAlternativeName([x509.DNSName("localhost")]),
critical=False,
)
.sign(key, hashes.SHA256())
)
# Write certificate to file
with open(cert_file, "wb") as f:
f.write(cert.public_bytes(Encoding.PEM))
Reference in New Issue View Git Blame Copy Permalink