Skip to main content

Self-signed certificate builder for Swarmauri

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri_certs_self_signed Discord

Swarmauri Self-Signed Certificate Builder

Standalone plugin providing utilities to issue self-signed X.509 certificates using the SelfSignedCertificate builder.

Features

  • Issue PEM (default) or DER encoded self-signed certificates from existing private keys.
  • Populate subjects, subject alternative names, name constraints, and key usage extensions via simple dictionaries.
  • Convenience constructors for common TLS server and mTLS client certificates.
  • Automatically reuse a passphrase stored in KeyRef.tags["passphrase"] when loading encrypted keys.

Installation

Choose the tool that matches your workflow:

# pip
pip install swarmauri_certs_self_signed

# Poetry
poetry add swarmauri_certs_self_signed

# uv
uv add swarmauri_certs_self_signed

Quickstart

SelfSignedCertificate operates on a KeyRef whose material holds the PEM encoded private key. The example below generates an Ed25519 key, issues a TLS server certificate with DNS subject alternative names, and prints the PEM header of the resulting certificate.

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519

from swarmauri_core.crypto.types import (
    ExportPolicy,
    KeyRef,
    KeyType,
    KeyUse,
)
from swarmauri_certs_self_signed import SelfSignedCertificate

private_key = ed25519.Ed25519PrivateKey.generate()
private_bytes = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption(),
)

key_ref = KeyRef(
    kid="example-ed25519",
    version=1,
    type=KeyType.ED25519,
    uses=(KeyUse.SIGN,),
    export_policy=ExportPolicy.SECRET_WHEN_ALLOWED,
    material=private_bytes,
)

builder = SelfSignedCertificate.tls_server(
    common_name="example.local",
    dns_names=["example.local", "api.example.local"],
)

certificate_pem = builder.issue(key_ref)
print(certificate_pem.decode().splitlines()[0])

The builder automatically mirrors the TLS server defaults: the subject common name is set from common_name, all DNS names are added to the SAN extension, and the certificate is valid for 397 days unless overridden. Set output_der=True on the builder to receive DER encoded bytes instead of PEM.

Entry Point

This package registers SelfSignedCertificate under both the swarmauri.cert_services and peagen.plugins.cert_services entry points.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

swarmauri_certs_self_signed-0.11.0.dev2.tar.gz (10.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_certs_self_signed-0.11.0.dev2.tar.gz.

File metadata

  • Download URL: swarmauri_certs_self_signed-0.11.0.dev2.tar.gz
  • Upload date:
  • Size: 10.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_certs_self_signed-0.11.0.dev2.tar.gz
Algorithm Hash digest
SHA256 16edc16033d1f7aedaecd03ffc121bf24439fae44e9e21c7cc8e3af37286312c
MD5 8e04c2512a3465423bbf92b2409f6cfe
BLAKE2b-256 b963a26b3b68dac11a9b958e3d41ac2a0f0dac69006246a78d117f56b1c76c31

See more details on using hashes here.

File details

Details for the file swarmauri_certs_self_signed-0.11.0.dev2-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_certs_self_signed-0.11.0.dev2-py3-none-any.whl
  • Upload date:
  • Size: 11.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_certs_self_signed-0.11.0.dev2-py3-none-any.whl
Algorithm Hash digest
SHA256 c6fa5f9f8388f35ead0bbbcef55e86331680a246da565afeb297b8e26741a44a
MD5 7d323ca41b9487b28231a10756e06d57
BLAKE2b-256 8149fd8df316c0bd2f719487f8c12f5e69da18d395a6084a4055d1f54e0775a0

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page