PyOpenSSL convert certificate object to .pem file

2019-02-10 12:48发布

问题:

I want to send a certificate from a "certificate authority" to a node through sockets. I have a certificate created using this example https://skippylovesmalorie.wordpress.com/2010/02/12/how-to-generate-a-self-signed-certificate-using-pyopenssl/ How would I convert this into a .pem file so I can send it as a string through a socket and then convert it on the other end back into a .pem and use get_certificate to extract this certificate from it. Python: reading a pkcs12 certificate with pyOpenSSL.crypto Its probably a hacky way to do it, but I want to simplify it for myself. (or not)

I'm resurrecting the question of this person whos question was not answered How to convert PyOpenSSL object to PEM-encoded string?

回答1:

This is for generating a certificate signing request, but the concept should be the same

from OpenSSL import crypto

req = crypto.X509Req()
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
req.set_pubkey(pkey)
req.sign(pkey, 'sha1')
certreq = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
certreq = certreq.replace('-----BEGIN CERTIFICATE REQUEST-----\n', '').replace('-----END CERTIFICATE REQUEST-----\n', '')
private_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)

for a certificate you can use:

crypto.dump_certificate(type, cert)