ssl

command

v0.0.0-...-9be8108 Latest Latest Go to latest Published: Mar 10, 2024 License: AGPL-3.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/peterzam/public-gists

Links

Open Source Insights

README ¶

SSL Generate

Easy way

Use generate.go

Manual

1. Create a root CA certificate

Create the root key

openssl ecparam -out root.key -name prime256v1 -genkey

Create a Root Certificate and self-sign it

openssl req -new -sha256 -key root.key -out root.csr

Generate the Root Certificate

openssl x509 -req -sha256 -days 365 -in root.csr -signkey root.key -out root.crt

2.Create a server certificate

Create the certificate's key

openssl ecparam -out server.key -name prime256v1 -genkey

Create the CSR (Certificate Signing Request)

openssl req -new -sha256 -key server.key -out server.csr

Generate the certificate with the CSR and the key and sign it with the CA's root key

Replace <<DOMAIN>>


cat > "server.ext" <<EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = <<DOMAIN>>
EOF

openssl x509 -req -in server.csr -CA  root.crt -CAkey root.key -CAcreateserial -out server.crt -days 365 -sha256 -extfile server.ext

Verify the created certificate

openssl x509 -in server.crt -text -noout

Documentation ¶

Overview ¶

generate-tls-cert generates root, leaf, and client TLS certificates.

Source Files ¶

View all Source files

generate.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL