Add basic constraints to certificate

pypa · Mar 20, 2023 · a77fbdc · a77fbdc
1 parent 7c576fb
commit a77fbdc
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/tests/lib/certs.py b/tests/lib/certs.py
@@ -25,6 +25,10 @@ def make_tls_cert(hostname: str) -> Tuple[x509.Certificate, rsa.RSAPrivateKey]:
  .serial_number(x509.random_serial_number())
  .not_valid_before(datetime.utcnow())
  .not_valid_after(datetime.utcnow() + timedelta(days=10))
+ .add_extension(
+ x509.BasicConstraints(ca=True, path_length=9),
+ critical=True,
+ )
  .add_extension(
  x509.SubjectAlternativeName([x509.DNSName(hostname)]),
  critical=False,