diff --git a/cert_generate.py b/cert_generate.py
new file mode 100644
index 0000000..1b019c3
--- /dev/null
+++ b/cert_generate.py
@@ -0,0 +1,41 @@
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+from OpenSSL import crypto
+import tkinter 
+import tkinter.filedialog 
+root=tkinter.Tk()
+root.withdraw()
+#加载公钥
+path=tkinter.filedialog.askopenfilename(title="选择公钥文件",filetypes=[("PEM files","*.pem")])
+with open(path, 'rb') as f:
+    public_key = f.read()
+public_key = crypto.load_publickey(crypto.FILETYPE_PEM, public_key)
+#加载私钥
+path=tkinter.filedialog.askopenfilename(title="选择私钥文件",filetypes=[("PEM files","*.pem")])
+with open(path, 'rb') as f:
+    private_key = f.read()
+private_key = crypto.load_privatekey(crypto.FILETYPE_PEM, private_key)
+cert = crypto.X509()
+cert.get_subject().C = "CN"
+cert.get_subject().ST = "Beijing"
+cert.get_subject().L = "Beijing"
+cert.get_subject().O = "Example Inc."
+cert.get_subject().OU = "IT"
+cert.get_subject().CN = "example.com"
+cert.set_serial_number(1000)
+cert.gmtime_adj_notBefore(0)
+cert.gmtime_adj_notAfter(10*365*24*60*60)  
+# 有效期10年
+cert.set_issuer(cert.get_subject())
+cert.set_pubkey(public_key)
+cert.sign(private_key, 'sha256')
+# 保存证书
+cert_pem = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
+path=tkinter.filedialog.asksaveasfilename(title="证书保存",defaultextension=".pem", filetypes=[("PEM files", "*.pem")])
+
+try:
+    with open(path,'wb') as f:
+        f.write(cert_pem)
+except:
+    print("保存失败")
\ No newline at end of file