问题
I want to send a certificate from a "certificate authority" to a node through sockets. I have a certificate created using this example https://skippylovesmalorie.wordpress.com/2010/02/12/how-to-generate-a-self-signed-certificate-using-pyopenssl/ How would I convert this into a .pem file so I can send it as a string through a socket and then convert it on the other end back into a .pem and use get_certificate to extract this certificate from it. Python: reading a pkcs12 certificate with pyOpenSSL.crypto Its probably a hacky way to do it, but I want to simplify it for myself. (or not)
I'm resurrecting the question of this person whos question was not answered How to convert PyOpenSSL object to PEM-encoded string?
回答1:
This is for generating a certificate signing request, but the concept should be the same
from OpenSSL import crypto
req = crypto.X509Req()
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
req.set_pubkey(pkey)
req.sign(pkey, 'sha1')
certreq = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
certreq = certreq.replace('-----BEGIN CERTIFICATE REQUEST-----\n', '').replace('-----END CERTIFICATE REQUEST-----\n', '')
private_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
for a certificate you can use:
crypto.dump_certificate(type, cert)
来源:https://stackoverflow.com/questions/9796694/pyopenssl-convert-certificate-object-to-pem-file