Generates CA certificates using Python cryptography library and configures mTLS with ssl module for zero-trust microservices authentication. Verifies chains, checks expiration, audits deployments.
Slash command: /cybersecurity-skills-zh:implementing-mtls-for-zero-trust-services
Generate CA certificates, issue service certificates, and configure mutual TLS verification for service-to-service authentication.
```python
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa
import datetime

# Generate the CA key and a self-signed CA certificate
ca_key = rsa.generate_private_key(public_exponent=65537, key_size=4096)
# Take one timezone-aware timestamp so both validity bounds derive from the same instant
# (datetime.utcnow() is deprecated since Python 3.12)
now = datetime.datetime.now(datetime.timezone.utc)
ca_cert = (
    x509.CertificateBuilder()
    .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Internal CA")]))
    .issuer_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Internal CA")]))
    .public_key(ca_key.public_key())
    .serial_number(x509.random_serial_number())
    .not_valid_before(now)
    .not_valid_after(now + datetime.timedelta(days=3650))
    # Mark the certificate as a CA; the extension is critical so verifiers must honour it
    .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
    .sign(ca_key, hashes.SHA256())
)
```
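```python
import ssl

# Client side of the mTLS connection
context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
# Certificate and private key this service presents to its peer
context.load_cert_chain("client.pem", "client-key.pem")
# Trust only the internal CA when validating the peer's certificate
context.load_verify_locations("ca.pem")
# PROTOCOL_TLS_CLIENT already defaults to CERT_REQUIRED; set explicitly for clarity
context.verify_mode = ssl.CERT_REQUIRED
```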
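The summary also mentions issuing service certificates, verifying chains and checking expiration, which the snippets above do not show. The following is an added example, not the skill's own code: the helper names, the `orders.internal` service name, the 2048-bit sample keys and the 30-day warning window are assumptions, and all certificates are constructed in memory.

```python
from datetime import datetime, timedelta, timezone
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID

def build_cert(subject, issuer, public_key, signing_key, days, ca, not_before=None):
    """Build a CA certificate (ca=True) or a service leaf usable on both sides of mTLS."""
    start = not_before or datetime.now(timezone.utc)
    name = lambda cn: x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
    builder = (x509.CertificateBuilder()
               .subject_name(name(subject)).issuer_name(name(issuer))
               .public_key(public_key).serial_number(x509.random_serial_number())
               .not_valid_before(start).not_valid_after(start + timedelta(days=days))
               .add_extension(x509.BasicConstraints(ca=ca, path_length=None), critical=True))
    if not ca:  # leaf: DNS SAN for hostname checks, EKU covering server and client roles
        eku = [ExtendedKeyUsageOID.SERVER_AUTH, ExtendedKeyUsageOID.CLIENT_AUTH]
        builder = (builder
                   .add_extension(x509.SubjectAlternativeName([x509.DNSName(subject)]), critical=False)
                   .add_extension(x509.ExtendedKeyUsage(eku), critical=False))
    return builder.sign(signing_key, hashes.SHA256())

def audit_cert(cert, ca_cert, now=None, warn_days=30):
    """Return a list of findings; empty means the leaf chains to the CA and is not near expiry."""
    now = now or datetime.now(timezone.utc)
    findings = []
    if cert.issuer != ca_cert.subject:
        findings.append("issuer name does not match the CA subject")
    try:  # PKCS#1 v1.5 is what an RSA signing key produces in build_cert
        ca_cert.public_key().verify(cert.signature, cert.tbs_certificate_bytes, padding.PKCS1v15(), cert.signature_hash_algorithm)
    except InvalidSignature:
        findings.append("signature does not verify against the CA key")
    # not_valid_after_utc needs cryptography >= 42; older releases expose naive UTC
    not_after = getattr(cert, "not_valid_after_utc", None) or cert.not_valid_after.replace(tzinfo=timezone.utc)
    if not_after <= now:
        findings.append("expired")
    elif (not_after - now).days < warn_days:
        findings.append("expires in %d days" % (not_after - now).days)
    return findings

def demo():
    """Constructed sample: a valid leaf, a leaf signed by a different key, an expired leaf."""
    ca_key, other_key, svc_key = (rsa.generate_private_key(public_exponent=65537, key_size=2048) for _ in range(3))
    ca = build_cert("Internal CA", "Internal CA", ca_key.public_key(), ca_key, 3650, ca=True)
    old = datetime.now(timezone.utc) - timedelta(days=400)
    cases = {"good": (ca_key, 90, None), "wrong_signer": (other_key, 90, None), "stale": (ca_key, 365, old)}
    return {label: audit_cert(build_cert("orders.internal", "Internal CA", svc_key.public_key(), key, days, False, start), ca)
            for label, (key, days, start) in cases.items()}
```

The `wrong_signer` case carries the right issuer name but fails the signature check, which is why the audit compares against the CA public key rather than the issuer field alone.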
npx claudepluginhub killvxk/cybersecurity-skills-zh

Configures mTLS authentication between microservices using Python cryptography library for cert generation and ssl module for TLS verification. Validates chains, checks expiration, audits deployment for zero-trust service auth.
Configures mTLS authentication between microservices using Python cryptography library for certificate generation and ssl module for verification. Use when implementing zero-trust service-to-service authentication.
Generates CA and service certificates with Python cryptography, configures mTLS verification via ssl module, and audits deployment status for zero-trust service-to-service authentication.