in iotHandler.py [0:0]
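def createCertificateSigningRequest(self, writeToFile, vin, common_name, country=None, state=None, city=None,
                                    organization=None, organizational_unit=None, email_address=None):
    """Generate a bootstrap RSA key pair and CSR and write both as PEM files.

    A 2048-bit RSA key is generated, a certificate signing request is built
    with the given subject fields and signed with SHA-256, and the results are
    written to ``csr-bootstrap.key`` and ``csr-bootstrap.csr`` inside the
    directory obtained from ``self.secure_cert_path.format(unique_id=vin)``.

    Args:
        writeToFile: When falsy, nothing is generated or written.
        vin: Value substituted for ``unique_id`` in ``self.secure_cert_path``.
        common_name: Subject CN (always set).
        country, state, city, organization, organizational_unit,
        email_address: Optional subject fields (C, ST, L, O, OU,
            emailAddress); each is set only when truthy.

    Returns:
        True once both files are written, None when ``writeToFile`` is falsy,
        or the caught ``ClientError`` instance.

    Raises:
        Any other exception (for example OSError from the filesystem calls)
        propagates to the caller.
    """
    if not writeToFile:
        return None

    try:
        # NOTE(review): vin becomes part of a filesystem path. If it can
        # originate outside trusted provisioning data, validate it against the
        # expected VIN alphabet before use -- confirm against callers.
        path = self.secure_cert_path.format(unique_id=vin)
        # The path is already formatted; formatting it a second time would
        # re-interpret any braces contained in vin.
        os.makedirs(path, exist_ok=True)

        tls_private_key = OpenSSL.crypto.PKey()
        tls_private_key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)

        req = OpenSSL.crypto.X509Req()
        subject = req.get_subject()
        subject.CN = common_name
        optional_fields = (
            ("C", country),
            ("ST", state),
            ("L", city),
            ("O", organization),
            ("OU", organizational_unit),
            ("emailAddress", email_address),
        )
        for field_name, field_value in optional_fields:
            if field_value:
                setattr(subject, field_name, field_value)

        # The private key is stored unencrypted, so create the file with
        # owner-only permissions instead of the umask default used by open().
        key_path = os.path.join(path, 'csr-bootstrap.key')
        key_fd = os.open(key_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(key_fd, "w") as private_key_file:
            # The mode passed to os.open() only applies to newly created
            # files; tighten a key file left over from an earlier run as well.
            os.chmod(key_path, 0o600)
            private_key_pem = OpenSSL.crypto.dump_privatekey(
                OpenSSL.crypto.FILETYPE_PEM, tls_private_key
            )
            private_key_file.write(private_key_pem.decode())

        req.set_pubkey(tls_private_key)
        req.sign(tls_private_key, 'sha256')
        csr = OpenSSL.crypto.dump_certificate_request(
            OpenSSL.crypto.FILETYPE_PEM, req)
        # The CSR holds only public material, so default permissions are fine.
        # The with block closes the file; no explicit close() is needed.
        with open(os.path.join(path, 'csr-bootstrap.csr'), "w") as outfile:
            outfile.write(csr.decode())

        # TODO: verify that both files were actually written.
        return True
    except ClientError as error:
        # NOTE(review): none of the calls visible in this method obviously
        # raise ClientError; filesystem and OpenSSL errors are not caught here
        # and reach the caller. Kept as-is because callers may rely on it.
        return error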