A Python SCEP client and server
Project description
PyScep
A Python SCEP Client library to enrol for certificate from a SCEP CA.
Note: It is intended to be used for testing the environments
Getting Started
Prerequisite
Either Generate a Self Signed Certificate or use an existing Certificate issued by CA
Generate a Self Signed Certificate
identity, identity_private_key = Client.SigningRequest.generate_self_signed(
cn=u'PyScep-test',
key_usage={u'digital_signature', u'key_encipherment'}
)
Note: this will generate a new RSA Key pair automatically, you can optionally supply a private_key
.
Load an Existing Certificate
identity, identity_private_key = Client.Certificate.from_p12_file(
p12_file='/path/to/cert.p12',
password='password'
)
Signing Request
csr, private_key = Client.SigningRequest.generate_csr(
cn=u'PyScep-test',
key_usage={u'digital_signature', u'key_encipherment'},
password='password'
)
Note: this will generate a new RSA Key pair automatically, you can optionally supply a private_key
.
Creating a Client
client = Client.Client(
'http://<hostname>:<port>/ejbca/publicweb/apply/scep/pkiclient.exe'
)
Above example creates a sample client for EJBCA. Please update the path according to the CA server in use.
Enrollment
res = client.enrol(
csr=csr,
identity=identity,
identity_private_key=identity_private_key,
identifier=identifier ## An optional identifier how CA Server identifies the CA
)
if res.status == PKIStatus.FAILURE:
print res.fail_info
elif res.status == PKIStatus.PENDING:
print res.transaction_id
else:
print res.certificate
Poll
res = client.poll(
identity=identity,
identity_private_key=identity_private_key,
subject=subject,
transaction_id=transaction_id
)
Response is same as Enrollment.
Get Certificate
res = client.get_cert(
identity=identity,
identity_private_key=identity_private_key,
serial_number=1234567890
)
Response is same as Enrollment.
CRL
res = client.get_crl(
identity=identity,
identity_private_key=identity_private_key,
serial_number=1234567890
)
if res.status == PKIStatus.FAILURE:
print res.fail_info
elif res.status == PKIStatus.PENDING:
print res.transaction_id
else:
print res.crl
Get Rollover Certificate
ca_certificate = client.rollover_certificate()
Credits
SCEPy for providing base implementation for this project
jscep for interface
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for PyScep-0.0.14-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | df781867c80fdf06da8da57f88d4bc7b88da2eb0041c902bffb16a26171d0536 |
|
MD5 | bf943a80b931aaa6ec0066eab03dcf04 |
|
BLAKE2b-256 | bd98983b0bd08c54d9dc67f19a138692703e53d635f828eb6382062f40b13a3c |