commonname: Common name for the generated certificate. Must be a valid, plain-ASCII, IDNA-encoded domain name. sans: A list of Subject Alternate Names. organization: Organization name for the generated certificate. crl_url: URL of CRL distribution point
(
self,
commonname: str | None,
sans: Iterable[x509.GeneralName],
organization: str | None = None,
crl_url: str | None = None,
)
| 679 | return [str(dn.value)] |
| 680 | |
| 681 | def get_cert( |
| 682 | self, |
| 683 | commonname: str | None, |
| 684 | sans: Iterable[x509.GeneralName], |
| 685 | organization: str | None = None, |
| 686 | crl_url: str | None = None, |
| 687 | ) -> CertStoreEntry: |
| 688 | """ |
| 689 | commonname: Common name for the generated certificate. Must be a |
| 690 | valid, plain-ASCII, IDNA-encoded domain name. |
| 691 | |
| 692 | sans: A list of Subject Alternate Names. |
| 693 | |
| 694 | organization: Organization name for the generated certificate. |
| 695 | |
| 696 | crl_url: URL of CRL distribution point |
| 697 | """ |
| 698 | sans = _fix_legacy_sans(sans) |
| 699 | |
| 700 | potential_keys: list[TCertId] = [] |
| 701 | if commonname: |
| 702 | potential_keys.extend(self.asterisk_forms(commonname)) |
| 703 | for s in sans: |
| 704 | potential_keys.extend(self.asterisk_forms(s)) |
| 705 | potential_keys.append("*") |
| 706 | potential_keys.append((commonname, sans)) |
| 707 | |
| 708 | name = next(filter(lambda key: key in self.certs, potential_keys), None) |
| 709 | if name: |
| 710 | entry = self.certs[name] |
| 711 | else: |
| 712 | entry = CertStoreEntry( |
| 713 | cert=dummy_cert( |
| 714 | self.default_privatekey, |
| 715 | self.default_ca._cert, |
| 716 | commonname, |
| 717 | sans, |
| 718 | organization, |
| 719 | crl_url, |
| 720 | ), |
| 721 | privatekey=self.default_privatekey, |
| 722 | chain_file=self.default_chain_file, |
| 723 | chain_certs=self.default_chain_certs, |
| 724 | ) |
| 725 | self.certs[(commonname, sans)] = entry |
| 726 | self.expire(entry) |
| 727 | |
| 728 | return entry |
| 729 | |
| 730 | |
| 731 | def load_pem_private_key(data: bytes, password: bytes | None) -> rsa.RSAPrivateKey: |