Build a self-signed pki
Project description
easypki
Build a Private Certificate Authority (PKI).
Feature
- Issuing a CA certificate
- Issuing a server certificate
- Issuing a client certificate
- Issuing a pkcs12 file containing the client certificate and CA certificate
- Issuance of CRL certificate
Setup
pip install easypki
How to use
Certificate creation
# module import
from easypki import pki
# make instance
private_pki = pki.BuildPKI()
# make ca cert
ca_cert, ca_key, ca_csr = private_pki.make_ca(
country_name='JP',
organization_name='Example Company',
common_name='Private RootCA',
cert_expire_days=36500
)
# make server cert
server_cert, server_key, server_csr = private_pki.make_server(
ca_cert=ca_cert,
ca_key=ca_key,
common_name='example.com',
san=['192.168.1.1', '*.example.com', 'example.net']
cert_expire_days=365
)
# make client cert
client_cert, client_key, client_csr = private_pki.make_client(
ca_cert=ca_cert,
ca_key=ca_key,
common_name='user name',
email_address='admin@example.com',
cert_expire_days=365
)
# make pkcs12 data
pkcs12 = private_pki.make_pkcs12(
ca_cert=ca_cert,
client_cert=client_cert,
client_key=client_key
)
# make crl
crl_cert, crl_key = private_pki.make_crl(
expire_cert=server_cert,
expire_date=7,
crl_cert=crl_cert,
ca_cert=ca_cert,
)
# save file
# Please specify the stored variable and file name
with open('ca_cert.pem','wb') as f:
f.write(ca_cert)
Variables output from the instance method are saved in pem data format, so they can be saved as they are.
The certificate is also stored in the instance variable. Therefore, you can also create it as follows.
prvpki = pki.BuildPKI()
ca_cert, ca_key, ca_csr = prvpki.make_ca(
common_name='Private RootCA'
)
server_cert, server_key, server_csr = prvpki.make_server(
common_name='example.com'
)
client_cert, client_key, client_csr = prvpki.make_client()
pkcs12 = prvpki.make_pkcs12()
If you already have a CA certificate and CA key created It can also be created as follows.
prvca = pki.BuildPKI()
ca_cert, ca_key, ca_csr = prvca.make_ca(
common_name='Private RootCA'
)
del prvca
prvpki = pki.BuildPKI(
ca_cert=ca_cert,
ca_key=ca_key
)
server_cert, server_key, server_csr = prvpki.make_server(
common_name='example.com'
)
client_cert, client_key, client_csr = prvpki.make_client()
pkcs12 = prvpki.make_pkcs12()
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
easypki-0.0.1.tar.gz
(7.0 kB
view details)
Built Distribution
File details
Details for the file easypki-0.0.1.tar.gz.
File metadata
- Download URL: easypki-0.0.1.tar.gz
- Upload date:
- Size: 7.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.6.8 Windows/10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 3c9d6eb75b131a70417e641e974a25fac9e5a984c9d8bf39a592a46269506c92 |
|
| MD5 | 4617e1880ea14eb699d4dcbc266f1015 |
|
| BLAKE2b-256 | 6c779ef483bd876f16e59f970a636814ff097f4b1f31ad75074eee2c68d980cb |
File details
Details for the file easypki-0.0.1-py3-none-any.whl.
File metadata
- Download URL: easypki-0.0.1-py3-none-any.whl
- Upload date:
- Size: 7.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.6.8 Windows/10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 6a536acc32292de12a6236a3acfb3e2af941af982ef673a4d1eff0a5f7f39080 |
|
| MD5 | 9ad71779d1aa9f01de4c31eac21f34a9 |
|
| BLAKE2b-256 | 43fbcb981f554c444f3fdb372b5bfe2f2cfa6d9126d2c931e025f1a42c72288f |
