mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 14:14:56 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
1.7 KiB
1.7 KiB
Certificate Authority with OpenSSL — API Reference
Libraries
| Library | Install | Purpose |
|---|---|---|
| cryptography | pip install cryptography |
X.509 certificate generation, parsing, and validation |
| pyOpenSSL | pip install pyOpenSSL |
OpenSSL wrapper for certificate operations |
Key cryptography Methods
| Method | Description |
|---|---|
x509.CertificateBuilder() |
Build X.509 certificates |
rsa.generate_private_key(65537, key_size) |
Generate RSA private key |
x509.load_pem_x509_certificate(data) |
Parse PEM certificate |
cert.subject.rfc4514_string() |
Get subject as RFC 4514 string |
x509.random_serial_number() |
Generate unique serial number |
OpenSSL CLI Commands
| Command | Purpose |
|---|---|
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 |
Create self-signed CA |
openssl req -new -key server.key -out server.csr |
Generate CSR |
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key |
Sign certificate |
openssl verify -CAfile ca.crt server.crt |
Verify certificate chain |
openssl x509 -in cert.pem -text -noout |
Display certificate details |
Certificate Best Practices
| Parameter | Recommended Value |
|---|---|
| Root CA Key Size | RSA 4096 or EC P-384 |
| Server Key Size | RSA 2048+ or EC P-256 |
| Signature Algorithm | SHA-256 or SHA-384 |
| Root CA Validity | 10-20 years |
| Server Cert Validity | 1 year (398 days max for public) |