Python, OpenSSL: self-signed certificate generation

0
votes
from cryptography.hazmat.primitives.asymmetric import rsa   
private_key = rsa.generate_private_key(
            public_exponent=65537,
            key_size=2048,
            backend=default_backend()
        )
public_key = private_key.public_key()

I'm a beginner in cryptography and I have used the python code above to generate a private and a public key. I'm using the public key to encrypt a password.
My question is, how would I password-protect the private key using the self-signed X.509 certificate using openssl tool?

1
pythoncryptography

1 Answers

0
votes

I don't think you need to encrypt the Private Key using the self-signed X.509 certificate. Private Keys are encrypted using pass-phrase.

You can use the below code snippet to achieve the same:

from cryptography.hazmat.primitives import serilization

key.private_bytes(encoding=serialization.Encoding.PEM,
                  format = serialization.PrivateFormat.TraditionalOpenSSL,
                  encryption_algorithm = serialization.BestAvailableEncryption(user_pass))

user_pass is the passphrase with which you wish to encrypt the private key.