Self-signed certificate builder for Swarmauri
Project description
Swarmauri Self-Signed Certificate Builder
Standalone plugin providing utilities to issue self-signed X.509 certificates using the SelfSignedCertificate builder.
Features
- Issue PEM (default) or DER encoded self-signed certificates from existing private keys.
- Populate subjects, subject alternative names, name constraints, and key usage extensions via simple dictionaries.
- Convenience constructors for common TLS server and mTLS client certificates.
- Automatically reuse a passphrase stored in
KeyRef.tags["passphrase"]when loading encrypted keys.
Installation
Choose the tool that matches your workflow:
# pip
pip install swarmauri_certs_self_signed
# Poetry
poetry add swarmauri_certs_self_signed
# uv
uv add swarmauri_certs_self_signed
Quickstart
SelfSignedCertificate operates on a KeyRef whose material holds the PEM encoded private key. The example below generates an Ed25519 key, issues a TLS server certificate with DNS subject alternative names, and prints the PEM header of the resulting certificate.
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519
from swarmauri_core.crypto.types import (
ExportPolicy,
KeyRef,
KeyType,
KeyUse,
)
from swarmauri_certs_self_signed import SelfSignedCertificate
private_key = ed25519.Ed25519PrivateKey.generate()
private_bytes = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption(),
)
key_ref = KeyRef(
kid="example-ed25519",
version=1,
type=KeyType.ED25519,
uses=(KeyUse.SIGN,),
export_policy=ExportPolicy.SECRET_WHEN_ALLOWED,
material=private_bytes,
)
builder = SelfSignedCertificate.tls_server(
common_name="example.local",
dns_names=["example.local", "api.example.local"],
)
certificate_pem = builder.issue(key_ref)
print(certificate_pem.decode().splitlines()[0])
The builder automatically mirrors the TLS server defaults: the subject common name is set from common_name, all DNS names are added to the SAN extension, and the certificate is valid for 397 days unless overridden. Set output_der=True on the builder to receive DER encoded bytes instead of PEM.
Entry Point
This package registers SelfSignedCertificate under both the swarmauri.cert_services and peagen.plugins.cert_services entry points.
Want to help?
If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file swarmauri_certs_self_signed-0.3.0.dev3.tar.gz.
File metadata
- Download URL: swarmauri_certs_self_signed-0.3.0.dev3.tar.gz
- Upload date:
- Size: 10.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cd13177b4a9977ea70a80babcb1167afd5c83da3c469c5bae6780f3a18cb2cb5
|
|
| MD5 |
7770391ebe565cc5313bd1f9729b38f3
|
|
| BLAKE2b-256 |
7bad094033c8e65ee6a9882931caaea4549a283c6117006292b2efea1c6fa434
|
File details
Details for the file swarmauri_certs_self_signed-0.3.0.dev3-py3-none-any.whl.
File metadata
- Download URL: swarmauri_certs_self_signed-0.3.0.dev3-py3-none-any.whl
- Upload date:
- Size: 11.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4f9e1557306caa4daba8e0169f7e2a9856d658c253fede218bac12b524599442
|
|
| MD5 |
d6aec50f20de54400da888c371a6aeba
|
|
| BLAKE2b-256 |
443786d456e67453135e1991b4b8c7e32887c75e06de7720309f2b22eb2780ba
|