tls-certificate-generator-go

command module

v0.0.5 Latest Latest Go to latest Published: May 16, 2022 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cjlapao/tls-certificate-generator-go

Links

Open Source Insights

README ¶

TLS Certificate Generator

This tool will generate self signed certificates with a chain of trust by creating and mimicking a trust chain using Root CA and Intermediate CA to sign. This is useful for local development under HTTPS as we can after trusting the RootCA and IntermediateCA make the browsers trust it.

How To Use

Create a config.yml file in the root of the tool and fill up the following settings

rootCertificates:
- name: ACME Root CA # Configuration name, this will be used for the filename of the certificate
  config:
    country: Moon # Country
    state: Dark Side # State
    organization: ACME Inc. # Organization
    commonName: ACME Root CA # Certificate Common Name
    city: Bright # City
    fqdns: # the domain we are certifying like for example localhost
    - example.com 
    ipAddresses: # IP address to fix the certificate to, not mandatory
    - 127.0.0.1 
    organizationalUnit: ACME IT # Organizational unit for the root certificate
    adminEmailAddress: admin@example.com # Email address to use as an admin
    expiresInYears: 5 # number of years the certificate is valid
    keySize: 2048 # Certificate Key Size
    signatureAlgorithm: 4 # Certificate signature algorithm, 4. SHA256, 5. SHA384 6. SHA512
  intermediateCertificates:
  - name: ACME Intermediate CA # Configuration name, this will be used for the filename of the certificate
    config:
      country: Moon # Country
      state: Dark Side # State
      organization: ACME Inc. # Organization
      commonName: ACME Intermediate CA # Certificate Common Name
      city: Bright # City
      fqdns: # the domain we are certifying like for example localhost
      - example.com 
      ipAddresses: # IP address to fix the certificate to, not mandatory
      - 127.0.0.1
      organizationalUnit: ACME IT # Organizational unit for the root certificate
      adminEmailAddress: admin@example.com # Email address to use as an admin
      expiresInYears: 5 # number of years the certificate is valid
      keySize: 2048 # Certificate Key Size
      signatureAlgorithm: 4 # Certificate signature algorithm, 4. SHA256, 5. SHA384 6. SHA512
    certificates:
    - name: ACME Localhost
      config:
        country: Moon # Country
        state: Dark Side # State
        organization: ACME Inc. # Organization
        commonName: ACME Localhost # Certificate Common Name
        city: Bright # City
        fqdns: # the domain we are certifying like for example localhost
        - localhost
        - '*.localhost'
        organizationalUnit: ACME IT # Organizational unit for the root certificate
        adminEmailAddress: admin@example.com # Email address to use as an admin
        expiresInYears: 1 # number of years the certificate is valid
        keySize: 2048 # Certificate Key Size
        signatureAlgorithm: 4 # Certificate signature algorithm, 4. SHA256, 5. SHA384 6. SHA512
    - name: ACME example.com
      config:
        country: Moon # Country
        state: Dark Side # State
        organization: ACME Inc. # Organization
        commonName: ACME Example # Certificate Common Name
        city: Bright # City
        fqdns: # the domain we are certifying like for example localhost
        - example.com
        - '*.example.com'
        organizationalUnit: ACME IT # Organizational unit for the root certificate
        adminEmailAddress: admin@example.com # Email address to use as an admin
        expiresInYears: 1 # number of years the certificate is valid
        keySize: 2048 # Certificate Key Size
        signatureAlgorithm: 4 # Certificate signature algorithm, 4. SHA256, 5. SHA384 6. SHA512
        password: changeit # this will allow to create a pkcs12 certificate with this password, this is normally used in the IIS web hosting
outputToFile: true # set this to true if you want to get the certificates into files, they will also be added to the file

Run the following command in command line in Administrator
```
.\tls-certificate-generator.exe
```

this will output something similar to this notifying that everything went as expected

********************************************************************************
*                                                                              *
*                      TLS Certificate Generator 0.0.0.1                       *
*                                                                              *
* Author: Carlos Lapao                                                         *
* License: MIT                                                                 *
********************************************************************************

|- Root
|  |- ACME Root CA
|  |  |- ACME Intermediate CA
|  |  |  |- ACME Localhost
|  |  |  |- ACME example.com

Future work

The objective is also to create an api that will mimic the Root to remove certificates

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
config
constants
entities
generator
installer
startup

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL