PyOpenSSL convert certificate object to .pem file

DustBunny picture DustBunny · Mar 21, 2012 · Viewed 7.8k times · Source

I want to send a certificate from a "certificate authority" to a node through sockets. I have a certificate created using this example https://skippylovesmalorie.wordpress.com/2010/02/12/how-to-generate-a-self-signed-certificate-using-pyopenssl/ How would I convert this into a .pem file so I can send it as a string through a socket and then convert it on the other end back into a .pem and use get_certificate to extract this certificate from it. Python: reading a pkcs12 certificate with pyOpenSSL.crypto Its probably a hacky way to do it, but I want to simplify it for myself. (or not)

I'm resurrecting the question of this person whos question was not answered How to convert PyOpenSSL object to PEM-encoded string?

Answer

turtlebender picture turtlebender · Mar 21, 2012

This is for generating a certificate signing request, but the concept should be the same

from OpenSSL import crypto

req = crypto.X509Req()
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
req.set_pubkey(pkey)
req.sign(pkey, 'sha1')
certreq = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
certreq = certreq.replace('-----BEGIN CERTIFICATE REQUEST-----\n', '').replace('-----END CERTIFICATE REQUEST-----\n', '')
private_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)

for a certificate you can use:

crypto.dump_certificate(type, cert)