Skip to main content

Self-signed certificate builder for Swarmauri

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri_certs_self_signed


Swarmauri Self-Signed Certificate Builder

Standalone plugin providing utilities to issue self-signed X.509 certificates using the SelfSignedCertificate builder.

Features

  • Issue PEM (default) or DER encoded self-signed certificates from existing private keys.
  • Populate subjects, subject alternative names, name constraints, and key usage extensions via simple dictionaries.
  • Convenience constructors for common TLS server and mTLS client certificates.
  • Automatically reuse a passphrase stored in KeyRef.tags["passphrase"] when loading encrypted keys.

Installation

Choose the tool that matches your workflow:

# pip
pip install swarmauri_certs_self_signed

# Poetry
poetry add swarmauri_certs_self_signed

# uv
uv add swarmauri_certs_self_signed

Quickstart

SelfSignedCertificate operates on a KeyRef whose material holds the PEM encoded private key. The example below generates an Ed25519 key, issues a TLS server certificate with DNS subject alternative names, and prints the PEM header of the resulting certificate.

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519

from swarmauri_core.crypto.types import (
    ExportPolicy,
    KeyRef,
    KeyType,
    KeyUse,
)
from swarmauri_certs_self_signed import SelfSignedCertificate

private_key = ed25519.Ed25519PrivateKey.generate()
private_bytes = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption(),
)

key_ref = KeyRef(
    kid="example-ed25519",
    version=1,
    type=KeyType.ED25519,
    uses=(KeyUse.SIGN,),
    export_policy=ExportPolicy.SECRET_WHEN_ALLOWED,
    material=private_bytes,
)

builder = SelfSignedCertificate.tls_server(
    common_name="example.local",
    dns_names=["example.local", "api.example.local"],
)

certificate_pem = builder.issue(key_ref)
print(certificate_pem.decode().splitlines()[0])

The builder automatically mirrors the TLS server defaults: the subject common name is set from common_name, all DNS names are added to the SAN extension, and the certificate is valid for 397 days unless overridden. Set output_der=True on the builder to receive DER encoded bytes instead of PEM.

Entry Point

This package registers SelfSignedCertificate under both the swarmauri.cert_services and peagen.plugins.cert_services entry points.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

swarmauri_certs_self_signed-0.2.0.dev32.tar.gz (10.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_certs_self_signed-0.2.0.dev32.tar.gz.

File metadata

  • Download URL: swarmauri_certs_self_signed-0.2.0.dev32.tar.gz
  • Upload date:
  • Size: 10.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_certs_self_signed-0.2.0.dev32.tar.gz
Algorithm Hash digest
SHA256 bdc327f1f2afcfa150e7b40c16457bcff0fbefbe9a7288a3a628117bbfd78b17
MD5 a0031a6b693277c79a12c55e63b96e71
BLAKE2b-256 5349b5d50f375be68e1c7496380a7372917e78cf5b4e63f4202bc8c0ef679b63

See more details on using hashes here.

File details

Details for the file swarmauri_certs_self_signed-0.2.0.dev32-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_certs_self_signed-0.2.0.dev32-py3-none-any.whl
  • Upload date:
  • Size: 11.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_certs_self_signed-0.2.0.dev32-py3-none-any.whl
Algorithm Hash digest
SHA256 392be19fd5727c04157b000dfba54128b9e977be412bbf5e19c83c3b5a562b9c
MD5 fda1baff21b7b441601f64e17c8f8acf
BLAKE2b-256 cc71ef8c61ab7ca8d91e427e864020c667a9daf83cba715c98fc6bd2e08dfead

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page