generate_proxy

ciecplib.x509.generate_proxy(cert, key, minhours=168, limited=False, bits=2048)

Generate a proxy certificate based on a certificate.

Parameters:

• cert (cryptography.X509.Certificate) – The certificate object.

• key (cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey) – The RSA key object used to sign the original certificate.

• minhours (float) – The minimum lifetime of the proxy certificate. This is bounded by the lifetime of the original certificate.

• limited (bool) – If True, generate a limited proxy.

• bits (int) – The number of bits (size) to use for the private key used to sign the proxy certificate.

Returns:

• proxycert (cryptography.X509.Certificate) – The proxy certificate.

• proxykey (cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey) – The RSA private key used to sign the proxy certificate.