declearn.test_utils.generate_ssl_certificates
Generate a self-signed CA and a CA-signed SSL certificate.
This function is intended to be used for testing and/or in demonstration contexts, whereas real-life applications are expected to use certificates signed by a trusted CA.
This functions orchestrates calls to the system's openssl
command in order to generate and self-sign SSL certificate
and private-key files that may be used to encrypt network
communications, notably for declearn.
More precisely, it generates: - a self-signed root certificate authority (CA) - a server certificate signed by the former CA
Parameters:
Name | Type | Description | Default |
---|---|---|---|
folder |
str
|
Path to the folder where to create the intermediate and final certificate and key PEM files. |
'.'
|
c_name |
str
|
Main domain name or IP for which the certificate is created. |
'localhost'
|
password |
Optional[str]
|
Optional password used to encrypt generated private keys. |
None
|
alt_ips |
Optional[Collection[str]]
|
Optional list of additional IP addresses to certify. This is only implemented for OpenSSL >= 3.0. |
None
|
alt_dns |
Optional[Collection[str]]
|
Optional list of additional domain names to certify. This is only implemented for OpenSSL >= 3.0. |
None
|
Returns:
Name | Type | Description |
---|---|---|
ca_cert |
str
|
Path to the client-required CA certificate PEM file. |
sv_cert |
str
|
Path to the server's certificate PEM file. |
sv_pkey |
str
|
Path to the server's private key PEM file. |
Source code in declearn/test_utils/_gen_ssl.py
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 |
|