Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
"-q",
"--quiet",
action="store_true",
help="Doesn't print out helpful information for humans",
)
args = parser.parse_args(argv or sys.argv[1:])
if len(args.identities) < 1:
raise ValueError("Must include at least one identity")
cert_dir = pathlib.Path(args.dir)
if not cert_dir.is_dir():
raise ValueError(f"--dir={cert_dir} is not a directory")
common_name = args.common_name[0] if args.common_name else None
# Generate the CA certificate
trustme._KEY_SIZE = args.key_size
ca = trustme.CA()
cert = ca.issue_cert(*args.identities, common_name=common_name)
# Write the certificate and private key the server should use
server_key = cert_dir / "server.key"
server_cert = cert_dir / "server.pem"
cert.private_key_pem.write_to_path(path=str(server_key))
with server_cert.open(mode="w") as f:
f.truncate()
for blob in cert.cert_chain_pems:
blob.write_to_path(path=str(server_cert), append=True)
# Write the certificate the client should trust
client_cert = cert_dir / "client.pem"
ca.cert_pem.write_to_path(path=str(client_cert))