A Python library for creating and signing X.509 certificate signing requests (CSRs) with KMS Keys.
kmscsrbuilder is a fork of csrbuilder, part of the modularcrypto family of Python packages:
0.0.1 - changelog
- asn1crypto
- oscrypto
- Python 2.6, 2.7, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9 or pypy
git clone https://github.com/aws-samples/csr-builder-for-kms kmsCsrBuilder
pip3 install asn1crypto oscryptoimport sys
sys.path.append('.\kmsCsrBuilder')
from kmscsrbuilder import KMSCSRBuilder, pem_armor_csr
kms_arn = 'arn:aws:kms:eu-west-1:111122223333:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111'
builder = KMSCSRBuilder(
{
'country_name': 'IE',
'state_or_province_name': 'Meath',
'locality_name': 'Meath',
'organization_name': 'Palmep Tech',
'common_name': 'Patrick',
},
kms_arn
)
# Add subjectAltName domains
builder.subject_alt_domains = ['xks.palmep.tech', 'www.palmep.tech']
request = builder.build_with_kms(kms_arn)
with open('.\example-kms.csr', 'wb') as f:
f.write(pem_armor_csr(request))kmscsrbuilder is licensed under the terms of the MIT license. See the LICENSE file for the exact license text.