完整代码如下。
\n from cryptography.hazmat.backends import default_backend\nfrom cryptography.hazmat.primitives import serialization\nfrom cryptography.hazmat.primitives.asymmetric import rsa\nfrom cryptography import x509\nfrom cryptography.x509.oid import NameOID\nfrom cryptography.hazmat.primitives import hashes\nimport datetime\nencryptedpassword = b"yokedicicaner31" #Kullan\xc4\xb1c\xc4\xb1 inputu al, yokedicicaner31, kopyala yap\xc4\xb1\xc5\x9ft\xc4\xb1r.\nkey = rsa.generate_private_key(public_exponent=65537,key_size=2048,backend=default_backend())\nwith open("rsakey.pem","wb") as f: \n f.write(key.private_bytes(encoding=serialization.Encoding.PEM,\n format = serialization.PrivateFormat.TraditionalOpenSSL,\n encryption_algorithm=serialization.BestAvailableEncryption(encryptedpassword)))\n\nsubject = issuer = x509.Name([x509.NameAttribute(NameOID.COUNTRY_NAME,u"TR"),\n x509.NameAttribute(NameOID.LOCALITY_NAME,u"damacaner"),\n x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"damacana ve erikli su sevenler derne\xc4\x9fi"),\n x509.NameAttribute(NameOID.COMMON_NAME, u"damacaner.tr")])\ncert = x509.CertificateBuilder().subject_name(subject).issuer_name(issuer).public_key(key.public_key()).serial_number(x509.random_serial_number()).not_valid_before(datetime.datetime.utcnow()).not_valid_after(datetime.datetime.utcnow() + datetime.timedelta(days=10)\n ).add_extension(x509.SubjectAlternativeName([x509.DNSName(u"localhost")]),critical=False).sign(key, hashes.SHA256(), default_backend())\nwith open("certificate.pem","wb") as f:\n f.write(cert.public_bytes(serialization.Encoding.PEM))\n完整输出如下。
\nunable to load X509 request\n34359836736:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:\n Expecting: CERTIFICATE REQUEST\n …