Welcome to pkifiles’s documentation!

Contents:

API documentation

pkiutils package

Module contents

pkiutils.create_csr(key, dn, csrfilename=None, attributes=None)[source]

Generates a Certificate Signing Request for a given key.

Parameters:
  • key (Crypto.PublicKey.RSA._RSAobj) – a key
  • dn – a distinguished name as dictionary or string with key=value pairs separated by slashes like /CN=test.example.org/C=DE/O=Test organisation/
  • csrfilename (str) – name of a file to write the CSR to
  • attributes (tuple) – a tuple describing attributes to be included in the CSR
Returns:

a certificate signing request
pkiutils.create_rsa_key(bits=2048, keyfile=None, format='PEM', passphrase=None)[source]

Generate a new RSA key with the specified key size.

Parameters:
  • bits (int) – bit size of the key modulus
  • keyfile (str) – file the key should be written to
  • format (str) – format for the key file, either PEM or DER
  • passphrase (str) – pass phrase for encrypting the key file. If pass phrase is a callable its return value will be used.
Returns:

RSA private key instance

pkiutils - Public Key Infrastructure Utilities

This is a set of pycrypto and pyasn1 based tools to create, load and verify public key infrastructure material like:

  • RSA keys
  • PKCS#10 certificate signing requests

This library can be used to produce RSA key pairs and corresponding certificate signing requests that can be used to request a new SSL certificate for your domain/server.

Installation Methods

1. From source cloned from Github

$python setup.py install

2. Using pip or easy_install

$pip install pkiutils

Example Usage

When you need a 3rd party SSL certificate you will be asked for a CSR (certificate signing request). The following commands will generate your personal key and the CSR file required and output them to /root

import pkiutils

key = pkiutils.create_rsa_key(2048, keyfile='/root/www.example.com.key')
pkiutils.create_csr(key,
                    dn="/C=GB/ST=STATENAME/L=LOCAILITY/O=COMPANY/OU=DEPT/CN=www.example.com",
                    csrfilename='/root/www.example.com.csr')

From here you would provide your certification authority the contents of ‘/root/www.example.com.csr’

Documentation

Pkiutils is documented using Sphinx, you can read the documentation at http://python-pkiutils.readthedocs.org/.

License

The pkiutils package is licensed under the terms of the MIT license.

Indices and tables