tyler.durden
/
PyKMIP
mirror of https://github.com/OpenKMIP/PyKMIP.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Provision CA extension in CA cert 

Without that, on modern OpenSSL libs this gives an error:

```
verify error:num=24:invalid CA certificate
```
This commit is contained in:
Andrey Smirnov 2019-02-27 01:06:57 +03:00 committed by Peter Hamilton
parent 54f3688a14
commit a58a3a3bea
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bin/create_certificates.py
View File

@ -31,6 +31,8 @@ def create_self_signed_certificate(subject_name, private_key, days_valid=365):
private_key.public_key()
).serial_number(
x509.random_serial_number()
).add_extension(
x509.BasicConstraints(ca=True, path_length=None), critical=True
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(