Revize ad068f9d
Přidáno uživatelem Stanislav Král před asi 4 roky(ů)
| proj/services/cryptography.py | ||
|---|---|---|
| 138 | 138 |
def sign_csr(self, csr, issuer_pem, issuer_key, issuer_key_pass=None, config="", extensions="", days=30): |
| 139 | 139 |
""" |
| 140 | 140 |
Signs the given CSR by the given issuer CA |
| 141 |
|
|
| 141 | 142 |
:param csr: a string containing the CSR to be signed |
| 142 | 143 |
:param issuer_pem: string containing the certificate of the issuer that will sign this CSR in PEM format |
| 143 | 144 |
:param issuer_key: string containing the private key of the issuer's certificate in PEM format |
| ... | ... | |
| 173 | 174 |
extensions="", |
| 174 | 175 |
days=30): |
| 175 | 176 |
""" |
| 176 |
Signs the given CSR by the given issuer CA |
|
| 177 |
Creates a certificate by using the given subject, subject's key, issuer and it's key. |
|
| 178 |
|
|
| 177 | 179 |
:param subject: subject to be added to the created certificate |
| 178 | 180 |
:param subject_key: string containing the private key to be used when creating the certificate in PEM format |
| 179 | 181 |
:param issuer_key: string containing the private key of the issuer's certificate in PEM format |
| ... | ... | |
| 193 | 195 |
days=days) |
| 194 | 196 |
|
| 195 | 197 |
@staticmethod |
| 196 |
def verify_ca(certificate, key, key_pass=None):
|
|
| 198 |
def verify_ca(certificate): |
|
| 197 | 199 |
# TODO could be renamed to "verify_certificate"? This method can verify all certificates, not just CAs. |
| 198 | 200 |
# call openssl to check whether the certificate is valid to this date |
| 199 | 201 |
args = [OPENSSL_EXECUTABLE, "x509", "-checkend", "0", "-noout", "-text", "-in", "-"] |
Také k dispozici: Unified diff
Re #8472 - Improved `create_crt` documentation