Example #1
0
func newStatusAction(c *cli.Context) {
	crtAuth, err := depot.GetCertificateAuthority(d)
	if err != nil {
		fmt.Fprintln(os.Stderr, "CA certificate hasn't existed!")
	} else {
		printSignedStatusLine(crtAuth, "CA")
	}

	tags := d.List()
	for _, tag := range tags {
		name := depot.GetNameFromHostCrtTag(tag)
		if name == "" {
			continue
		}
		if !depot.CheckCertificateSigningRequest(d, name) {
			fmt.Fprintln(os.Stderr, "Certificate request hasn't existed!")
			continue
		}
		crt, err := depot.GetCertificateHost(d, name)
		if err != nil {
			fmt.Printf("%s: Unsigned\n", name)
			continue
		}
		printSignedStatusLine(crt, name)
	}
}
Example #2
0
func newCertAction(c *cli.Context) {
	if len(c.Args()) != 1 {
		fmt.Fprintln(os.Stderr, "One host name must be provided.")
		os.Exit(1)
	}
	name := c.Args()[0]

	if depot.CheckCertificateSigningRequest(d, name) || depot.CheckPrivateKeyHost(d, name) {
		fmt.Fprintln(os.Stderr, "Certificate request has existed!")
		os.Exit(1)
	}

	var passphrase []byte
	var err error
	if c.IsSet("passphrase") {
		passphrase = []byte(c.String("passphrase"))
	} else {
		passphrase, err = createPassPhrase()
		if err != nil {
			fmt.Fprintln(os.Stderr, err)
			os.Exit(1)
		}
	}

	key, err := pkix.CreateRSAKey(c.Int("key-bits"))
	if err != nil {
		fmt.Fprintln(os.Stderr, "Create RSA Key error:", err)
		os.Exit(1)
	} else {
		fmt.Printf("Created %s/key\n", name)
	}

	csr, err := pkix.CreateCertificateSigningRequest(key, name, c.String("ip"), c.String("domain"), c.String("organization"), c.String("country"))
	if err != nil {
		fmt.Fprintln(os.Stderr, "Create certificate request error:", err)
		os.Exit(1)
	} else {
		fmt.Printf("Created %s/crt\n", name)
	}

	if err = depot.PutCertificateSigningRequest(d, name, csr); err != nil {
		fmt.Fprintln(os.Stderr, "Save certificate request error:", err)
	}
	if err = depot.PutEncryptedPrivateKeyHost(d, name, key, passphrase); err != nil {
		fmt.Fprintln(os.Stderr, "Save key error:", err)
	}
}