From 57083356be13014951deae7b585af22e1e3b47f5 Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Fri, 28 Jan 2011 18:25:50 -0500 Subject: [PATCH] make sure cert is v3 so certifcate can support extension --- sfa/trust/certificate.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py index ed1792e7..6846472c 100644 --- a/sfa/trust/certificate.py +++ b/sfa/trust/certificate.py @@ -160,6 +160,9 @@ class Keypair: ASN1.set_time(500) m2x509.set_not_before(ASN1) m2x509.set_not_after(ASN1) + # x509v3 so it can have extensions + # prob not necc since this cert itself is junk but still... + m2x509.set_version(2) junk_key = Keypair(create=True) m2x509.sign(pkey=junk_key.get_m2_pkey(), md="sha1") @@ -296,6 +299,8 @@ class Certificate: self.cert.set_serial_number(3) self.cert.gmtime_adj_notBefore(0) self.cert.gmtime_adj_notAfter(60*60*24*365*5) # five years + self.cert.set_version(2) # x509v3 so it can have extensions + ## # Given a pyOpenSSL X509 object, store that object inside of this -- 2.43.0