Issue #1051: Add a script (Lib/test/make_ssl_certs.py) to generate the

custom certificate and private key files used by SSL-related certs.
author: Antoine Pitrou <solipsis@pitrou.net> 2010-10-08 23:06:24 (GMT)
committer: Antoine Pitrou <solipsis@pitrou.net> 2010-10-08 23:06:24 (GMT)
commit: 81564093a10d1bad6dc48d68e40e322731517b6e (patch)
tree: 5208a0893f984580c732eeb311e09a88b00d1d50 /Lib/test/make_ssl_certs.py
parent: 7c0a2271ff4ee62f5cecef8f3d106cbda91cf40a (diff)
download: cpython-81564093a10d1bad6dc48d68e40e322731517b6e.zip
cpython-81564093a10d1bad6dc48d68e40e322731517b6e.tar.gz
cpython-81564093a10d1bad6dc48d68e40e322731517b6e.tar.bz2
1 files changed, 59 insertions, 0 deletions
diff --git a/Lib/test/make_ssl_certs.py b/Lib/test/make_ssl_certs.py
new file mode 100644
index 0000000..3e25fc2
--- /dev/null
+++ b/Lib/test/make_ssl_certs.py
@@ -0,0 +1,59 @@
+"""Make the custom certificate and private key files used by test_ssl
+and friends."""
+
+import os
+import sys
+import tempfile
+from subprocess import *
+
+req_template = """
+    [req]
+    distinguished_name     = req_distinguished_name
+    x509_extensions        = req_x509_extensions
+    prompt                 = no
+
+    [req_distinguished_name]
+    C                      = XY
+    L                      = Castle Anthrax
+    O                      = Python Software Foundation
+    CN                     = {hostname}
+
+    [req_x509_extensions]
+    subjectAltName         = DNS:{hostname}
+    """
+
+here = os.path.abspath(os.path.dirname(__file__))
+
+def make_cert_key(hostname):
+    tempnames = []
+    for i in range(3):
+        with tempfile.NamedTemporaryFile(delete=False) as f:
+            tempnames.append(f.name)
+    req_file, cert_file, key_file = tempnames
+    try:
+        with open(req_file, 'w') as f:
+            f.write(req_template.format(hostname=hostname))
+        args = ['req', '-new', '-days', '3650', '-nodes', '-x509',
+                '-newkey', 'rsa:1024', '-keyout', key_file,
+                '-out', cert_file, '-config', req_file]
+        check_call(['openssl'] + args)
+        with open(cert_file, 'r') as f:
+            cert = f.read()
+        with open(key_file, 'r') as f:
+            key = f.read()
+        return cert, key
+    finally:
+        for name in tempnames:
+            os.remove(name)
+
+
+if __name__ == '__main__':
+    os.chdir(here)
+    cert, key = make_cert_key('localhost')
+    with open('ssl_cert.pem', 'w') as f:
+        f.write(cert)
+    with open('ssl_key.pem', 'w') as f:
+        f.write(key)
+    with open('keycert.pem', 'w') as f:
+        f.write(key)
+        f.write(cert)
author	Antoine Pitrou <solipsis@pitrou.net>	2010-10-08 23:06:24 (GMT)
committer	Antoine Pitrou <solipsis@pitrou.net>	2010-10-08 23:06:24 (GMT)
commit	81564093a10d1bad6dc48d68e40e322731517b6e (patch)
tree	5208a0893f984580c732eeb311e09a88b00d1d50 /Lib/test/make_ssl_certs.py
parent	7c0a2271ff4ee62f5cecef8f3d106cbda91cf40a (diff)
download	cpython-81564093a10d1bad6dc48d68e40e322731517b6e.zip cpython-81564093a10d1bad6dc48d68e40e322731517b6e.tar.gz cpython-81564093a10d1bad6dc48d68e40e322731517b6e.tar.bz2