PySide6.QtOpcUa.QOpcUaX509CertificateSigningRequest¶
- class QOpcUaX509CertificateSigningRequest¶
QOpcUaX509CertificateSigningRequest
create a certificate signing request. More…Synopsis¶
Methods¶
def
__init__()
def
addExtension()
def
createRequest()
def
encoding()
def
messageDigest()
def
setEncoding()
def
setSubject()
def
subject()
Note
This documentation may contain snippets that were automatically translated from C++ to Python. We always welcome contributions to the snippet translation. If you see an issue with the translation, you can also let us know by creating a ticket on https:/bugreports.qt.io/projects/PYSIDE
Detailed Description¶
This class is currently available as a Technology Preview, and therefore the API and functionality provided by the class may be subject to change at any time without prior notice.
Before actually creating the singing request data, any extension needed for that specific request has to be added. Current supported extensions are SubjectAlternativeName, BasicConstrains, KeyUsage and ExtendedKeyUsage.
// Generate key QOpcUaKeyPair key; key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024); QOpcUaX509CertificateSigningRequest csr; QOpcUaX509DistinguishedName dn; dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer"); dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE"); dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin"); dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin"); dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company"); csr.setSubject(dn); QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName; san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com"); san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com"); san->addData(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer"); san->setCritical(true); csr.addExtension(san); QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints; bc->setCa(false); bc->setCritical(true); csr.addExtension(bc); QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage; ku->setCritical(true); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment); ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning); csr.addExtension(ku); QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage; eku->setCritical(true); eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection); csr.addExtension(eku); QByteArray csrData = csr.createRequest(key);
- class MessageDigest¶
This enum type specifies the message digest to be used.
Constant
Description
QOpcUaX509CertificateSigningRequest.MessageDigest.SHA256
Using the SHA256 message digest
- class Encoding¶
This enum type specifies the encoding of the generated certificate siging request.
Constant
Description
QOpcUaX509CertificateSigningRequest.Encoding.PEM
Using PEM encoding
QOpcUaX509CertificateSigningRequest.Encoding.DER
Using DER encoding
- __init__()¶
Creates an empty certificate signing request.
- addExtension(extension)¶
- Parameters:
extension –
QOpcUaX509Extension
Adds a certificate extension to the request.
The ownership of the
extension
object will be transferred to this class.- createRequest(privateKey)¶
- Parameters:
privateKey –
QOpcUaKeyPair
- Return type:
Creates a certificate signing request to be the to a CA for signing. The private key in
privateKey
is used to sign the request. The request data is returned as a byte array in the encoding set bysetEncoding()
.- createSelfSignedCertificate(privateKey[, validityInDays=365])¶
- Parameters:
privateKey –
QOpcUaKeyPair
validityInDays – int
- Return type:
Creates a self-signed certificate from this request for immediate use. The private key in
privateKey
is used to sign the request. A validity in days can be specified invalidityInDays
. The request data is returned as a byte array in the encoding set bysetEncoding()
.Returns the used request encoding.
See also
- messageDigest()¶
- Return type:
Returns the used message digest.
See also
Sets the used request encoding to
encoding
. The default request encoding is PEM.See also
- setMessageDigest(digest)¶
- Parameters:
digest –
MessageDigest
Sets the used message digest to
digest
. The default message digest is SHA256.See also
- setSubject(subject)¶
- Parameters:
subject –
QOpcUaX509DistinguishedName
Sets the
subject
for this request. Without a subject it is not possible to generate the request.See also
- subject()¶
- Return type:
Returns the subject of this request.
See also