I wonder if current library release can create X.509 certificates as
clients and CAs, and signing those certificates with a CA certificate
(generated with cryptography library too).
I want to drop OpenSSL for this activity for good!.
--
Jesús Cea Avión _/_/ _/_/_/
Yes, cryptography is capable of generating certificates as of version 1.0.
There are some less common extensions not yet supported when creating
certificates (name constraints and certificate policies) but everything else is
supported. Check out
https://cryptography.io/en/latest/x509/reference/
My stock OpenSSL library is ancient so I installed an alternative
current OpenSSL release under "/usr/local/ssl". In order to compile
"cryptography" in this machine I must do:
$ LDFLAGS="-L/usr/local/ssl/lib" \
CFLAGS="-I/usr/local/ssl/include" \
python -m pip install -U cryptography
This is
I would add a run path to your LDFLAGS, this way you can be sure it
picks up the correct OpenSSL library if your library search paths are
not set to the right value by crle or things like LD_LIBRARY_PATH.
You can do that by adding -R/path/to/lib to LDFLAGS.
Erik
On Tue, Oct 20, 2015 at 5:40 PM,
