README
¶
Go-ipfix Tests
Go-ipfix uses fake certificates for unit test and integration test. The fake certificates are generated manually and saved at cert.go. The developers need to renew the certificates before they expire following the steps below.
- Generate a fake CA cert and save the content in
ca-cert.pemtoFakeCACert.openssl genrsa 2048 > ca-key.pem openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem - Generate the client certificate with RSA2048. Save the content in
client-key.pemtoFakeKeyandclient-cert.pemtoFakeCert. Repeat this step forFakeClientKeyandFakeClientCert.openssl req -newkey rsa:2048 -days 1000 -nodes -keyout client-key.pem > client-req.pem echo subjectAltName = IP:127.0.0.1 > extfile.cnf openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem -extfile extfile.cnf - Generate the client certificate with ED25519. Save the content in
client-key.pemtoFakeKey2andclient-cert.pemtoFakeCert2.openssl genpkey -algorithm ed25519 -out client-key.pem openssl req -new -sha256 -key client-key.pem -out client-req.pem echo subjectAltName = IP:127.0.0.1 > extfile.cnf openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem -extfile extfile.cnf
Documentation
¶
Index ¶
- Constants
- Variables
- func GenerateCACert(options ...CertificateOption) (*x509.Certificate, *rsa.PrivateKey, []byte, error)
- func GenerateClientCert(caCert *x509.Certificate, caKey *rsa.PrivateKey, options ...CertificateOption) ([]byte, []byte, error)
- func GenerateServerCert(caCert *x509.Certificate, caKey *rsa.PrivateKey, options ...CertificateOption) ([]byte, []byte, error)
- type CertificateOption
Constants ¶
View Source
const ( // TODO: update the certs before 2025-02-01 FakeCACert = `` /* 1350-byte string literal not displayed */ FakeKey = `` /* 1708-byte string literal not displayed */ FakeCert = `` /* 1241-byte string literal not displayed */ FakeClientKey = `` /* 1704-byte string literal not displayed */ FakeClientCert = `` /* 1188-byte string literal not displayed */ FakeKey2 = `-----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEIERk8ms6LU+Anq+cWg9pbfJ3KbXmWdjYaWKdMZKBV4sf -----END PRIVATE KEY----- ` FakeCert2 = `` /* 847-byte string literal not displayed */ )
Variables ¶
View Source
var ( // Hard coding the kafka msg in bytes. Need to figure out a way to generate this. Msg1ForFlowType1 = []byte{}/* 168 elements not displayed */ Msg2ForFlowType1 = []byte{}/* 216 elements not displayed */ Msg1ForFlowType2 = []byte{}/* 168 elements not displayed */ Msg2ForFlowType2 = []byte{}/* 216 elements not displayed */ )
Functions ¶
func GenerateCACert ¶ added in v0.5.14
func GenerateCACert(options ...CertificateOption) (*x509.Certificate, *rsa.PrivateKey, []byte, error)
func GenerateClientCert ¶ added in v0.5.14
func GenerateClientCert(caCert *x509.Certificate, caKey *rsa.PrivateKey, options ...CertificateOption) ([]byte, []byte, error)
func GenerateServerCert ¶ added in v0.5.14
func GenerateServerCert(caCert *x509.Certificate, caKey *rsa.PrivateKey, options ...CertificateOption) ([]byte, []byte, error)
Types ¶
type CertificateOption ¶ added in v0.5.14
type CertificateOption func(*x509.Certificate)
func AddDNSName ¶ added in v0.5.14
func AddDNSName(name string) CertificateOption
func AddIPAddress ¶ added in v0.5.14
func AddIPAddress(addr net.IP) CertificateOption
Source Files
Click to show internal directories.
Click to hide internal directories.