2018-08-22 01:54:09 -05:00
|
|
|
#
|
|
|
|
# Copyright (C) 2018 FreeIPA Contributors see COPYING for license
|
|
|
|
#
|
|
|
|
|
|
|
|
from cryptography import x509
|
|
|
|
from cryptography.hazmat.backends import default_backend
|
|
|
|
from cryptography.hazmat.primitives import serialization, hashes
|
|
|
|
from cryptography.hazmat.primitives.asymmetric import rsa
|
|
|
|
from cryptography.x509.oid import NameOID
|
|
|
|
|
|
|
|
|
|
|
|
def generate_csr(hostname):
|
|
|
|
key = rsa.generate_private_key(
|
|
|
|
public_exponent=65537,
|
|
|
|
key_size=2048,
|
|
|
|
backend=default_backend()
|
|
|
|
)
|
2018-09-06 05:06:21 -05:00
|
|
|
hostname = u'{}'.format(hostname)
|
2018-08-22 01:54:09 -05:00
|
|
|
csr = x509.CertificateSigningRequestBuilder()
|
2018-09-06 05:06:21 -05:00
|
|
|
csr = csr.subject_name(
|
|
|
|
x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, hostname)])
|
|
|
|
).add_extension(
|
|
|
|
x509.SubjectAlternativeName([x509.DNSName(hostname)]),
|
|
|
|
critical=False
|
|
|
|
)
|
2018-08-22 01:54:09 -05:00
|
|
|
csr = csr.sign(key, hashes.SHA256(), default_backend())
|
2018-09-06 05:06:21 -05:00
|
|
|
return csr.public_bytes(serialization.Encoding.PEM).decode()
|