def create_for_user(cls, pkcs12, user, cn=None, days=None):
if not cn:
cn = get_full_name(user)
ec = EthicsCommission.objects.get(uuid=settings.ETHICS_COMMISSION_UUID)
subject = '/CN={}/O={}/emailAddress={}'.format(cn, ec.name[:64], user.email)
passphrase_len = math.ceil(
PASSPHRASE_ENTROPY / math.log2(len(PASSPHRASE_CHARS)))
passphrase = ''.join(
SystemRandom().choice(PASSPHRASE_CHARS)
for i in range(passphrase_len)
)
from ecs.pki import openssl
data = openssl.make_cert(subject, pkcs12, passphrase=passphrase,
days=days)
cert = cls.objects.create(user=user, cn=cn, **data)
return (cert, passphrase)
评论列表
文章目录
