txacme.util module

Utility functions that may prove useful when writing an ACME client.

txacme.util.generate_private_key(key_type)[source]

Generate a random private key using sensible parameters.

Parameters:key_type (str) – The type of key to generate. One of: rsa.
txacme.util.generate_tls_sni_01_cert(server_name, key_type=u'rsa', _generate_private_key=None)[source]

Generate a certificate/key pair for responding to a tls-sni-01 challenge.

Parameters:
  • server_name (str) – The SAN the certificate should have.
  • key_type (str) – The type of key to generate; usually not necessary.
Return type:

Tuple[`~cryptography.x509.Certificate`, PrivateKey]

Returns:

A tuple of the certificate and private key.

txacme.util.cert_cryptography_to_pyopenssl(cert)[source]

Convert a cryptography.x509.Certificate object to an OpenSSL.crypto.X509 object.

txacme.util.key_cryptography_to_pyopenssl(key)[source]

Convert a Cryptography private key object to an OpenSSL.crypto.PKey object.

txacme.util.tap(f)[source]

“Tap” a Deferred callback chain with a function whose return value is ignored.

txacme.util.encode_csr(csr)[source]

Encode CSR as JOSE Base-64 DER.

Parameters:csr (cryptography.x509.CertificateSigningRequest) – The CSR.
Return type:str
txacme.util.decode_csr(b64der)[source]

Decode JOSE Base-64 DER-encoded CSR.

Parameters:b64der (str) – The encoded CSR.
Return type:cryptography.x509.CertificateSigningRequest
Returns:The decoded CSR.
txacme.util.csr_for_names(names, key)[source]

Generate a certificate signing request for the given names and private key.

Parameters:
  • List[str] – One or more names (subjectAltName) for which to request a certificate.
  • key – A Cryptography private key object.
Return type:

cryptography.x509.CertificateSigningRequest

Returns:

The certificate request message.

txacme.util.clock_now(clock)[source]

Get a datetime representing the current time.

Parameters:clock – An IReactorTime provider.
Return type:datetime
Returns:A datetime representing the current time.
txacme.util.check_directory_url_type(url)[source]

Check that url is a twisted.python.url.URL instance, raising TypeError if it isn’t.

txacme.util.const(x)[source]

Return a constant function.