New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to add Certificate Policies extension using pyopenssl #1365

Closed

dulanshuangqiao opened this issue Sep 20, 2024 · 1 comment

dulanshuangqiao commented Sep 20, 2024

I try like this：
def add_certificate_policies_extension(cert):
# 使用标准策略 OID anyPolicy (2.5.29.32.0)
policy_oid = '2.5.29.32.0'

# 创建证书策略扩展，确保传递值为字节类型
cert_policies_extension = crypto.X509Extension(
    b"certificatePolicies",
    critical=False,
    value=policy_oid.encode('ascii')
)

# 将扩展项添加到证书
cert.add_extensions([cert_policies_extension])

But, error like this:
[('X509 V3 routines', '', 'no config database'), ('X509 V3 routines', '', 'error in extension')]

The text was updated successfully, but these errors were encountered:

Member

alex commented Sep 20, 2024

The X.509 API in pyopenssl is deprecated. Users are encouraged to use cryptography's X.509 API instead https://cryptography.io/en/latest/x509/

alex closed this as completed

github-actions bot locked as resolved and limited conversation to collaborators

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.