def set_csr_if_blank(self):
if not self.csr:
private_key = self.get_key()
builder = x509.CertificateSigningRequestBuilder()
builder = builder.subject_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, self.get_common_name()),
x509.NameAttribute(NameOID.COUNTRY_NAME, u'{}'.format(self.account.country)),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u'{}'.format(self.account.state)),
x509.NameAttribute(NameOID.LOCALITY_NAME, u'{}'.format(self.account.locality)),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u'{}'.format(self.account.organization_name)),
x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, u'{}'.format(self.account.organizational_unit_name)),
]))
builder = builder.add_extension(x509.SubjectAlternativeName(self.get_san_entries()), critical=False)
csr = builder.sign(private_key, hashes.SHA256(), default_backend())
self.csr = csr.public_bytes(serialization.Encoding.PEM)
评论列表
文章目录
