python创建签名X509

时间:2011-06-14 22:01:22

标签: python certificate openssl x509

我想知道如何使用python创建签名X509。

我找不到任何一个很好的例子来解释如何使用python生成这样的签名。

目标是拥有类似的东西:

-----BEGIN CERTIFICATE-----
MIICjDCCAfWgAwIBAgIJANG2v68GF4y/MA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQKEwhNMkNyeXB0bzEY
MBYGA1UEAxMPSGVpa2tpIFRvaXZvbmVuMB4XDTA5MDcyODA0MzQzNFoXDTE5MDcy
NjA0MzQzNFowRDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
BgNVBAoTCE0yQ3J5cHRvMQ0wCwYDVQQDEwRYNTA5MIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQDTYlUSMLjchHxjvYAdGRpy8ij4WQsqa/IqI527D3+SXt0ndLx4
CierHC4jHCZ3SLaPA+9XHKBUrhro9SShRqEnSFUzmPzbaoMuiT/g85Gd2k/bdJCd
po1KRsufurhg367uIks/gFX3HYk8KyjfRhnVGKzpB05AgXW82lvV4cIEFQIDAQAB
o3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRl
ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUscRvmG/oO4yhJhGBl5oSUEoabIgwHwYD
VR0jBBgwFoAUrWRFdI+DxyzV16CFkRBAmpyWz+4wDQYJKoZIhvcNAQEFBQADgYEA
PwtEvNLaX6k5vghT5v0Q/9bwo1H2vgMgzLNSzw98P1ZCb51ymwmlZD9DKSQr1nmU
VC+Z6M7+/d67ykMoFv8yrD3FVtuHIzzUafdOG8S+ydgnmSpkvjprflGF23U1QKVs
rlPDCecANRdkGhdxxdVZ5Y/8lkr5gTMjTMFgcZMYCsQ=
-----END CERTIFICATE-----

...谢谢

1 个答案:

答案 0 :(得分:3)

这是最简单的方法

>>> cmd = "openssl req   -x509 -nodes -days 365   -subj '/C=US/ST=Oregon/L=Portland/CN=www.madboa.com'   -newkey rsa:1024 -keyout mycert.pem"
>>> from subprocess import Popen, PIPE
>>> proc = Popen(cmd, stdout=PIPE, stderr=PIPE, shell=True)
>>> print proc.stdout.read()
-----BEGIN CERTIFICATE-----
MIICvzCCAiigAwIBAgIJAO9AofW3r93ZMA0GCSqGSIb3DQEBBQUAMEoxCzAJBgNV
BAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMRcwFQYD
VQQDEw53d3cubWFkYm9hLmNvbTAeFw0xMTA2MTQyMjE3MzZaFw0xMjA2MTMyMjE3
MzZaMEoxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBv
cnRsYW5kMRcwFQYDVQQDEw53d3cubWFkYm9hLmNvbTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAk/omGua0jgvVAOvYfRS6Se/5O9opDolw3FguU0+iqz+NViaq
NbcxzuYmWwvy6rS3+MYrvMYY8ii6aAE7QuLryK70JZjDQZZr18HvtZ5Fsso0Y4py
LINVDr2242wBlPm8V+PTsV9uxmeJDuITlzlrX2pdyVPbbJjHjkYOSSx5EhUCAwEA
AaOBrDCBqTAdBgNVHQ4EFgQUQcvE5FPtuZdgsNzY83uC+l4ENZQwegYDVR0jBHMw
cYAUQcvE5FPtuZdgsNzY83uC+l4ENZShTqRMMEoxCzAJBgNVBAYTAlVTMQ8wDQYD
VQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMRcwFQYDVQQDEw53d3cubWFk
Ym9hLmNvbYIJAO9AofW3r93ZMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
gYEAMAUvDANYFvHzBMbHG0zmwy0VrifbuK3hp4bhkhIBonttxWrn0TmSFNmiCt5W
UetGj1+NKGBiA3zKRzyW9o05l4rqiwyfNXikrLS1xiFpQ2mHtWWv9T6t0p/CM3Od
UVuH3+QoW0VLLgtoH46nb5VImuryB1NovZo8mjJ0H7b/6WE=
-----END CERTIFICATE-----

所以类似地使用'openssl x509'为您提供正确的命令行选项并在python中读取它,否则您可以尝试查看PyCrypto和Google Keyczar

相关问题
最新问题