cpython/Lib/test/make_ssl_certs.py

"""Make the custom certificate and private key files used by test_ssl
and friends."""

import os
import sys
import tempfile
from subprocess import *

req_template = """
    [req]
    distinguished_name     = req_distinguished_name
    x509_extensions        = req_x509_extensions
    prompt                 = no

    [req_distinguished_name]
    C                      = XY
    L                      = Castle Anthrax
    O                      = Python Software Foundation
    CN                     = {hostname}

    [req_x509_extensions]
    subjectAltName         = DNS:{hostname}
    """

here = os.path.abspath(os.path.dirname(__file__))

def make_cert_key(hostname):
    tempnames = []
    for i in range(3):
        with tempfile.NamedTemporaryFile(delete=False) as f:
            tempnames.append(f.name)
    req_file, cert_file, key_file = tempnames
    try:
        with open(req_file, 'w') as f:
            f.write(req_template.format(hostname=hostname))
        args = ['req', '-new', '-days', '3650', '-nodes', '-x509',
                '-newkey', 'rsa:1024', '-keyout', key_file,
                '-out', cert_file, '-config', req_file]
        check_call(['openssl'] + args)
        with open(cert_file, 'r') as f:
            cert = f.read()
        with open(key_file, 'r') as f:
            key = f.read()
        return cert, key
    finally:
        for name in tempnames:
            os.remove(name)


if __name__ == '__main__':
    os.chdir(here)
    cert, key = make_cert_key('localhost')
    with open('ssl_cert.pem', 'w') as f:
        f.write(cert)
    with open('ssl_key.pem', 'w') as f:
        f.write(key)
    with open('keycert.pem', 'w') as f:
        f.write(key)
        f.write(cert)
    # For certificate matching tests
    cert, key = make_cert_key('fakehostname')
    with open('keycert2.pem', 'w') as f:
        f.write(key)
        f.write(cert)
Issue #1051: Add a script (Lib/test/make_ssl_certs.py) to generate the custom certificate and private key files used by SSL-related certs. 2010-10-08 23:06:24 +00:00			`"""Make the custom certificate and private key files used by test_ssl`
			`and friends."""`

			`import os`
			`import sys`
			`import tempfile`
			`from subprocess import *`

			`req_template = """`
			`[req]`
			`distinguished_name = req_distinguished_name`
			`x509_extensions = req_x509_extensions`
			`prompt = no`

			`[req_distinguished_name]`
			`C = XY`
			`L = Castle Anthrax`
			`O = Python Software Foundation`
			`CN = {hostname}`

			`[req_x509_extensions]`
			`subjectAltName = DNS:{hostname}`
			`"""`

			`here = os.path.abspath(os.path.dirname(__file__))`

			`def make_cert_key(hostname):`
			`tempnames = []`
			`for i in range(3):`
			`with tempfile.NamedTemporaryFile(delete=False) as f:`
			`tempnames.append(f.name)`
			`req_file, cert_file, key_file = tempnames`
			`try:`
			`with open(req_file, 'w') as f:`
			`f.write(req_template.format(hostname=hostname))`
			`args = ['req', '-new', '-days', '3650', '-nodes', '-x509',`
			`'-newkey', 'rsa:1024', '-keyout', key_file,`
			`'-out', cert_file, '-config', req_file]`
			`check_call(['openssl'] + args)`
			`with open(cert_file, 'r') as f:`
			`cert = f.read()`
			`with open(key_file, 'r') as f:`
			`key = f.read()`
			`return cert, key`
			`finally:`
			`for name in tempnames:`
			`os.remove(name)`


			`if __name__ == '__main__':`
			`os.chdir(here)`
			`cert, key = make_cert_key('localhost')`
			`with open('ssl_cert.pem', 'w') as f:`
			`f.write(cert)`
			`with open('ssl_key.pem', 'w') as f:`
			`f.write(key)`
			`with open('keycert.pem', 'w') as f:`
			`f.write(key)`
			`f.write(cert)`
Issue #9003: http.client.HTTPSConnection, urllib.request.HTTPSHandler and urllib.request.urlopen now take optional arguments to allow for server certificate checking, as recommended in public uses of HTTPS. 2010-10-13 10:36:15 +00:00			`# For certificate matching tests`
			`cert, key = make_cert_key('fakehostname')`
			`with open('keycert2.pem', 'w') as f:`
			`f.write(key)`
			`f.write(cert)`