1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 |
- #!/usr/bin/env python
- # This Source Code Form is subject to the terms of the Mozilla Public
- # License, v. 2.0. If a copy of the MPL was not distributed with this
- # file, You can obtain one at http://mozilla.org/MPL/2.0/.
- import sys
- import os
- import shutil
- import socket
- if len(sys.argv) < 2:
- sys.exit('Usage: %s directory to output certificates' % sys.argv[0])
- if not os.path.exists(sys.argv[1]):
- sys.exit('ERROR: Directory %s was not found!' % sys.argv[1])
-
- os.chdir(os.path.dirname(os.path.abspath(__file__)))
- os.environ['HOSTNAME'] = socket.gethostname()
- os.environ['OPENSSL_CONF'] = os.path.join(os.getcwd(), "localhost.cnf")
- os.system("""openssl genrsa -out ca.key 2048""")
- os.system("""openssl req \
- -x509 \
- -new \
- -nodes \
- -key ca.key \
- -days 3650 \
- -subj "/C=DE/O=open62541/CN=open62541.org" \
- -out ca.crt""")
- os.system("""openssl req \
- -new \
- -newkey rsa:2048 \
- -nodes \
- -subj "/C=DE/O=open62541/CN=open62541Server@localhost" \
- -config localhost.cnf \
- -keyout localhost.key \
- -out localhost.csr""")
- os.system("""openssl x509 -req \
- -days 3650 \
- -in localhost.csr \
- -CA ca.crt \
- -CAkey ca.key \
- -CAcreateserial \
- -out localhost.crt \
- -extensions v3_ca \
- -extfile localhost.cnf""")
- os.system("""openssl x509 -in localhost.crt -outform der -out server_cert.der""")
- #we will need these files later
- os.remove("localhost.key") #we will need it later
- os.remove("localhost.crt")
- os.remove("localhost.csr")
- os.remove("ca.key")
- os.remove("ca.srl")
- if os.path.isfile(os.path.join(sys.argv[1], "server_cert.der")):
- os.remove(os.path.join(sys.argv[1], "server_cert.der"))
- shutil.move("server_cert.der", sys.argv[1])
- if os.path.isfile(os.path.join(sys.argv[1], "ca.crt")):
- os.remove(os.path.join(sys.argv[1], "ca.crt"))
- shutil.move("ca.crt", sys.argv[1])
- print("Certificates generated in " + sys.argv[1])
|