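// generateCaCert sets up a fake CA certificate and key in the temporary
// locations reported by mirror.GetCADir and mirror.GetCertDir.
//
// NOTE: It is the caller's responsibility to issue a
// `defer os.RemoveAll(tmpDir)` once done.
//
// It returns an error if either directory cannot be created, if
// GenerateCACertificate fails, or if either output file is missing afterwards.
func generateCaCert() error {
	caDir := mirror.GetCADir()
	certDir := mirror.GetCertDir()

	// The mode has to be an octal literal: decimal 755 is 01363 in octal, and
	// its permission bits (0363) leave the owner without read access.
	// NOTE(review): these directories receive private-key material; 0700 would
	// be tighter if nothing else needs to read them — confirm before changing.
	for _, dir := range []string{caDir, certDir} {
		// A directory that already exists is fine; any other failure is
		// reported instead of being silently dropped.
		if err := os.Mkdir(dir, 0755); err != nil && !os.IsExist(err) {
			return err
		}
	}

	caCertPath := filepath.Join(caDir, "ca.pem")
	// NOTE(review): the CA key is written into the cert directory as key.pem,
	// not next to ca.pem — confirm this is the layout the tests expect.
	caKeyPath := filepath.Join(certDir, "key.pem")

	testOrg := "test-org"
	bits := 2048
	if err := GenerateCACertificate(caCertPath, caKeyPath, testOrg, bits); err != nil {
		return err
	}

	// Confirm that both files were actually produced.
	for _, path := range []string{caCertPath, caKeyPath} {
		if _, err := os.Stat(path); err != nil {
			return err
		}
	}
	return nil
}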
// getDefaultConfig returns a Config populated with the default file names:
// the CA certificate and CA key under mirror.GetCADir(), and the client and
// server certificate/key pairs under mirror.GetCertDir().
func getDefaultConfig() *Config {
	caDir := mirror.GetCADir()
	certDir := mirror.GetCertDir()

	cfg := new(Config)

	// CA material lives in the CA directory.
	cfg.CaCertPath = filepath.Join(caDir, "ca.pem")
	cfg.CaKeyPath = filepath.Join(caDir, "key.pem")

	// Client and server pairs live in the certificate directory.
	cfg.ClientCertPath = filepath.Join(certDir, "cert.pem")
	cfg.ClientKeyPath = filepath.Join(certDir, "cert-key.pem")
	cfg.ServerCertPath = filepath.Join(certDir, "server-cert.pem")
	cfg.ServerKeyPath = filepath.Join(certDir, "server-key.pem")

	return cfg
}
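// ImportCA copies the certificate file at certPath into the CA directory as
// "<name>-ca.pem".
//
// name may contain only ASCII letters, digits, '-', '_' and '.'. Path
// separators are rejected, so the destination stays inside mirror.GetCADir().
// The error text still says "alphanumeric" although the pattern also accepts
// those three punctuation characters.
//
// An error is returned when the name is rejected, the source file cannot be
// read, the content does not contain CertificatePreamble, or the destination
// file cannot be written.
//
// NOTE(review): the content check is only a substring match on
// CertificatePreamble. The data is not PEM-decoded or parsed as X.509, so any
// file containing the preamble is accepted. If files in the CA directory are
// later treated as trust anchors, parse and validate the certificate before
// relying on it. An existing "<name>-ca.pem" is overwritten.
func (p *PKI) ImportCA(name string, certPath string) error {
	// Validate the name before it is used to build a file path.
	nameMatch := regexp.MustCompile(`^[a-zA-Z-_\.0-9]+$`)
	if !nameMatch.MatchString(name) {
		return errors.New("CA Name must contain only alphanumeric characters")
	}

	cert, err := ioutil.ReadFile(certPath)
	if err != nil {
		return err
	}
	if !strings.Contains(string(cert), CertificatePreamble) {
		return fmt.Errorf("Certificate provided is not valid, no %s present", CertificatePreamble)
	}

	dstCert := filepath.Join(mirror.GetCADir(), fmt.Sprintf("%s-ca.pem", name))
	// Propagate write failures so a failed import is never reported as success.
	return ioutil.WriteFile(dstCert, cert, 0600)
}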