Antoine Pitrou | 8156409 | 2010-10-08 23:06:24 +0000 | [diff] [blame] | 1 | """Make the custom certificate and private key files used by test_ssl |
| 2 | and friends.""" |
| 3 | |
| 4 | import os |
| 5 | import sys |
| 6 | import tempfile |
| 7 | from subprocess import * |
| 8 | |
| 9 | req_template = """ |
| 10 | [req] |
| 11 | distinguished_name = req_distinguished_name |
| 12 | x509_extensions = req_x509_extensions |
| 13 | prompt = no |
| 14 | |
| 15 | [req_distinguished_name] |
| 16 | C = XY |
| 17 | L = Castle Anthrax |
| 18 | O = Python Software Foundation |
| 19 | CN = {hostname} |
| 20 | |
| 21 | [req_x509_extensions] |
| 22 | subjectAltName = DNS:{hostname} |
| 23 | """ |
| 24 | |
| 25 | here = os.path.abspath(os.path.dirname(__file__)) |
| 26 | |
| 27 | def make_cert_key(hostname): |
| 28 | tempnames = [] |
| 29 | for i in range(3): |
| 30 | with tempfile.NamedTemporaryFile(delete=False) as f: |
| 31 | tempnames.append(f.name) |
| 32 | req_file, cert_file, key_file = tempnames |
| 33 | try: |
| 34 | with open(req_file, 'w') as f: |
| 35 | f.write(req_template.format(hostname=hostname)) |
| 36 | args = ['req', '-new', '-days', '3650', '-nodes', '-x509', |
| 37 | '-newkey', 'rsa:1024', '-keyout', key_file, |
| 38 | '-out', cert_file, '-config', req_file] |
| 39 | check_call(['openssl'] + args) |
| 40 | with open(cert_file, 'r') as f: |
| 41 | cert = f.read() |
| 42 | with open(key_file, 'r') as f: |
| 43 | key = f.read() |
| 44 | return cert, key |
| 45 | finally: |
| 46 | for name in tempnames: |
| 47 | os.remove(name) |
| 48 | |
| 49 | |
| 50 | if __name__ == '__main__': |
| 51 | os.chdir(here) |
| 52 | cert, key = make_cert_key('localhost') |
| 53 | with open('ssl_cert.pem', 'w') as f: |
| 54 | f.write(cert) |
| 55 | with open('ssl_key.pem', 'w') as f: |
| 56 | f.write(key) |
| 57 | with open('keycert.pem', 'w') as f: |
| 58 | f.write(key) |
| 59 | f.write(cert) |
Antoine Pitrou | 803e6d6 | 2010-10-13 10:36:15 +0000 | [diff] [blame] | 60 | # For certificate matching tests |
| 61 | cert, key = make_cert_key('fakehostname') |
| 62 | with open('keycert2.pem', 'w') as f: |
| 63 | f.write(key) |
| 64 | f.write(cert) |