[pyOpenSSL] [pyopenssl-list] x509req Object set_subject
Jean-Paul Calderone
exarkun at divmod.com
Thu Jul 3 14:37:22 CEST 2008
On Thu, 3 Jul 2008 15:22:29 +0300, BRACHET Maxime <mixam85 at gmail.com> wrote:
>Hi,
>
>> Hi every body,
>>
>> I am new to this mailing list.
>> I have a quite simple problem,
>> I get a Certificate Request form a MyProxy server to sign it in order to
>> create a Proxy certificate.
>> But I must overwrite the subject of the MyProxy request to fulfill the
>> requirements.
>> I get the Request in a x509req Object, but this object does not provide a
>> method like set_subject().
>>
>> How can I do ?
>
>It seems that I misunderstand what to do.
>I create a new x509 certificate using request informations, but I need to
>add a CN to my subject and the x509Name does not provide any methods to do
>this.
>Any ideas ?
X509Name instances can have attributes like CN set on them directly:
>>> from OpenSSL.crypto import X509
>>> cert = X509()
>>> cert.get_subject().CN = 'foo'
>>> cert.get_subject()
<X509Name object '/CN=foo'>
It doesn't seem correct that you need to change anything about the X509Req,
though. If it has the wrong parameters, then it needs to be regenerated by
the MyProxy server/user (I don't know what MyProxy is). If you change it
and sign the result, then it will disagree with the private part which was
generated along with it.
Jean-Paul
More information about the pyopenssl-users
mailing list