ssl

command
v0.0.0-...-16ad6c0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2024 License: AGPL-3.0 Imports: 15 Imported by: 0

README

SSL Generate

Easy way

Use generate.go

Manual

1. Create a root CA certificate
  • Create the root key
openssl ecparam -out root.key -name prime256v1 -genkey
  • Create a Root Certificate and self-sign it
openssl req -new -sha256 -key root.key -out root.csr
  • Generate the Root Certificate
openssl x509 -req -sha256 -days 365 -in root.csr -signkey root.key -out root.crt
2.Create a server certificate
  • Create the certificate's key
openssl ecparam -out server.key -name prime256v1 -genkey
  • Create the CSR (Certificate Signing Request)
openssl req -new -sha256 -key server.key -out server.csr
  • Generate the certificate with the CSR and the key and sign it with the CA's root key

Replace <<DOMAIN>>


cat > "server.ext" <<EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = <<DOMAIN>>
EOF

openssl x509 -req -in server.csr -CA  root.crt -CAkey root.key -CAcreateserial -out server.crt -days 365 -sha256 -extfile server.ext
  • Verify the created certificate
openssl x509 -in server.crt -text -noout

Documentation

Overview

generate-tls-cert generates root, leaf, and client TLS certificates.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.