Using pyOpenSSL to have a custom CA verify certificates
Hi,
I'm using pyOpenSSL to generate certificates and build a custom certificate authority that will verify these certificates.
I was wondering how to give my CA the power to verify certificates. The examples I've seen online talk about distributing the public key of a CA and using that to decrypt certificates and see if the data matches how you think it should, however I noticed a verify function in the crypto library which takes in a signature. I was wondering what was the intended use of this function.
In addition, I'm using the SSL module in python, and it requires a ca_certs file which lists the CAs you trust. If I add my custom CA to this list, do I not need to worry about typing code myself to verify the certificates myself.
Sorry, I'm a bit lost with whole thing.
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- pyOpenSSL Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Gabriel Kho for more information if necessary.