octavia.common.tls_utils package

octavia.common.tls_utils package


octavia.common.tls_utils.cert_parser module


Concatenate TLS container fields to create a PEM

encoded certificate file

Parameters:tls_container – Object container TLS certificates
Returns:Pem encoded certificate file

Extract the expiration date from the Pem encoded X509 certificate

Parameters:certificate_pem – Certificate in PEM format
Returns:Expiration date of certificate_pem

Extract the host names from the Pem encoded X509 certificate

Parameters:certificate – A PEM encoded certificate
Returns:A dictionary containing the following keys: [‘cn’, ‘dns_names’] where ‘cn’ is the CN from the SubjectName of the certificate, and ‘dns_names’ is a list of dNSNames (possibly empty) from the SubjectAltNames of the certificate.

Split the input string into individual x509 text blocks

Parameters:intermediates – PEM or PKCS7 encoded intermediate certificates
Returns:A list of strings where each string represents an X509 pem block surrounded by BEGIN CERTIFICATE, END CERTIFICATE block tags

Returns primary CN for Certificate.

load_certificates_data(cert_mngr, listener)[source]

Load TLS certificate data from the listener.


prepare_private_key(private_key, passphrase=None)[source]

Prepares an unencrypted PEM-encoded private key for printing

Parameters:private_key – The private key in PEM format (encrypted or not)
Returns:The unencrypted private key in PEM format
validate_cert(certificate, private_key=None, private_key_passphrase=None, intermediates=None)[source]

Validate that the certificate is a valid PEM encoded X509 object

Optionally verify that the private key matches the certificate. Optionally verify that the intermediates are valid X509 objects.

  • certificate – A PEM encoded certificate
  • private_key – The private key for the certificate
  • private_key_passphrase – Passphrase for accessing the private key
  • intermediates – PEM or PKCS7 encoded intermediate certificates


Module contents

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.