有没有办法在x509中使用扩展名制作替代发行者名称? 我的代码到目前为止:
from OpenSSL import crypto
def generate_self_signed_cert(cert_dir, is_valid=True):
"""Generate a SSL certificate.
If the cert_path and the key_path are present they will be overwritten.
"""
#Keys
private_key=crypto.load_privatekey(crypto.FILETYPE_PEM,open("/root/Desktop/Key2","rb").read())
public_key=crypto.load_publickey(crypto.FILETYPE_PEM,open("/root/Desktop/Key1","rb").read())
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = 't'
cert.get_subject().ST = 't'
cert.get_subject().L = 's'
cert.get_subject().O = 'd'
cert.get_subject().OU = 'g'
cert.get_subject().CN = 'g'
cert.set_serial_number(01)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(3655555555)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(public_key)
cert.add_extensions([
crypto.X509Extension("basicConstraints", False, "CA:FALSE"),
crypto.X509Extension("keyUsage", True, "Digital Signature, Non Repudiation"),
])
cert.set_version(2)
cert.sign(private_key, 'sha256')
with open(cert_dir+"Cert.cert", 'w+') as fd:
fd.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
generate_self_signed_cert("/root/Desktop/")
代码工作正常。我只需要添加一个替代的发行者名称。那应该用扩展来完成,对吗?
答案 0 :(得分:0)
好的,这个问题的答案是:
$low_protein_feed = "test1";
$moderate_protein_feed = "test2";
$high_protein_feed = "test3";
$repeater = "low";
echo ${$repeater . "_protein_feed"};