/usr/share/pyshared/epsilon/scripts/certcreate.py is in python-epsilon 0.6.0-3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | # Copyright 2005-2008 Divmod, Inc. See LICENSE file for details
import sys
from twisted.python import usage
from twisted.internet.ssl import KeyPair
class Options(usage.Options):
optParameters = [
["country", "C", "US", None],
["state", "s", "New York", None],
["city", "c", "New York", None],
["organization", "o", "Divmod LLC", None],
["unit", "u", "Security", None],
["hostname", "h", "divmod.com", None],
["email", "e", "support@divmod.org", None],
["filename", "f", "server.pem", "Name of the file to which to write the PEM."],
["serial-number", "S", 1, None],
]
optFlags = [
['quiet', 'q']
]
def createSSLCertificate(opts):
sslopt = {}
for x, y in (('country','C'),
('state', 'ST'),
('city', 'L'),
('organization', 'O'),
('unit', 'OU'),
('hostname', 'CN'),
('email','emailAddress')):
sslopt[y] = opts[x]
serialNumber = int(opts['serial-number'])
ssc = KeyPair.generate().selfSignedCert(serialNumber, **sslopt)
file(opts['filename'], 'w').write(ssc.dumpPEM())
if not opts['quiet']:
print 'Wrote SSL certificate:'
print ssc.inspect()
return ssc
def main(args=None):
"""
Create a private key and a certificate and write them to a file.
"""
if args is None:
args = sys.argv[1:]
o = Options()
try:
o.parseOptions(args)
except usage.UsageError, e:
raise SystemExit(str(e))
else:
return createSSLCertificate(o)
|