1

I have a large folder containing X.509 certificates (.cer files), some of which are encoded in Base64 format and some of which are in DER format. I want them all to be in Base64 format so I can open them in a text editor and see the BEGIN CERTIFICATE and END CERTIFICATE stuff and not just a bunch of gibberish.

I did some searching and found stuff like this and this which gives me hope because I just write a Python script like: 

for cert in os.listdir("/path/to/certificate/dir"):
    openssl x509 -in cert -out newcert.cer -outform PEM

Now the issue is that I need other folks to do this on multiple computers (on Windows) and instead of requiring them all to download the Win32 OpenSSL executable, I want to simply package up my script into an executable that I can hand off to these folks and have it run and convert everything.

I'm new to packaging concepts so forgive me if I can ask wrong or stupid-sounding questions but is there a way to package up the openssl library along with my Python script into an executable? If so, can someone point me on the right path?

Thanks!

EDIT:

I've only packaged once using py2exe.

EDIT 2:

I'm still stuck on how to do this. FWIW, I have a Windows 8 machine with Python 2.7 installed, and a folder containing X.509 certs in a mixture of base64 or DER encoded format that I want to convert all to base64 encoding. I downloaded the Win64OpenSSL_Light-1_0_1f.exe from the Shining Light Productions website. I installed it, navigated to the created directory and the bin folder in which is the openssl.exe command. Then, in the command prompt, I typed: 

openssl x509 -in INPUT.cer -out OUTPUT.cer -outform PEM

and I got the error: 

unable to load certificate
4716:error:blahblah:PEM routines:PEM_read_bio:no start line:.\crypto\pem\pem_lib.c:703 Expecting: TRUSTED CERTIFICATE

The INPUT.cer is in DER encoding. I understand that the cert is not trusted but I don't really care about that right now (I don't want to have to install each of the certs into my trusted cert store). I just want to convert it to Base64 if possible. In other words, I want to automate the process of opening up each individual .cer file, going to the Details tab, clicking Copy to File, going through the export wizard and selecting to export it as a Base64 encoding.

EDIT 3:

Okay, so this link helped me out tremendously. I got the conversion to work. Yay. Now, I still need to figure out how to "package" this OpenSSL with my py2exe so that I can run the command over and over again.

EDIT 4:

Here is my setup.py file. 

from distutils.core import setup
import py2exe
from glob import glob
import sys

data_files = [("Microsoft.VC90.CRT", glob(r'C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\*.*'))]


sys.path.append("C:\\Windows\\WinSxS\\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada")

setup(
    data_files = data_files,
    console=['myscript.py']
)

I usually run py2exe setup.py which creates the dist and build folders. It packages up everything and creates a myscript.exe that I can run. What do I need to do to get it to include the OpenSSL binaries?

Community
  • 1
  • 1
noblerare
  • 10,277
  • 23
  • 78
  • 140
  • Perhaps I'm missing something. Rather than packaging OpenSSL, why not just package the certs that you have converted to PEM? – jww Feb 20 '14 at 20:59
  • @noloader: thanks for your comment. my scenario is that I have other coworkers who have many __different__ certs on their machines so I am trying to deploy a script that will convert them all to base64. I don't necessarily know what they have. – noblerare Feb 20 '14 at 21:04

0 Answers0