示例#1
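// generateCertificate builds a throwaway self-signed RSA certificate for the
// test suite and returns it DER-encoded (the raw output of
// x509.CreateCertificate).
//
// A fresh 2048-bit key is generated on every call and is not returned, so the
// result is only usable as a public certificate. The certificate is a leaf
// (IsCA is false) bound to 127.0.0.1 and valid for ten years; those values
// suit a test fixture only.
//
// NOTE(review): suite.Nil looks like a non-fatal, testify-style assertion. If
// so, a failed step lets execution continue with nil values (for example a nil
// private key). Confirm, and consider a fatal assertion instead.
func (suite *UserTestSuite) generateCertificate() []byte {
	// Generate the private key that both owns and signs the certificate.
	privatekey, err := rsa.GenerateKey(rand.Reader, 2048)
	suite.Nil(err)

	// Build a certificate request; only its Subject is reused below, and the
	// second return value is discarded.
	csr, _, err := auth.CreateCertificateRequest(log.NullLog, privatekey, "kappa", "kappa", "US", "127.0.0.1")
	suite.Nil(err)

	// Derive the subject key identifier from the key.
	subjectKeyID, err := auth.GenerateSubjectKeyID(privatekey)
	suite.Nil(err)

	// Random serial number drawn from [0, 2^128) using the CSPRNG.
	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
	suite.Nil(err)

	// Take the clock once so NotBefore and NotAfter share one reference.
	now := time.Now()

	template := &x509.Certificate{
		// BasicConstraintsValid is false, so no basicConstraints extension is
		// encoded; IsCA is kept to state that this is meant to be a leaf.
		IsCA:                  false,
		BasicConstraintsValid: false,
		SubjectKeyId:          subjectKeyID,
		SerialNumber:          serialNumber,
		Subject:               csr.Subject,
		PublicKeyAlgorithm:    x509.RSA,
		SignatureAlgorithm:    x509.SHA512WithRSA,
		// Backdate by 600 seconds to tolerate clock skew between peers. A
		// bare Add(-600) is 600 nanoseconds, because time.Duration counts
		// nanoseconds, which gives effectively no skew tolerance.
		NotBefore:   now.Add(-600 * time.Second).UTC(),
		NotAfter:    now.AddDate(10, 0, 0).UTC(),
		IPAddresses: []net.IP{net.ParseIP("127.0.0.1")},

		// see http://golang.org/pkg/crypto/x509/#KeyUsage
		ExtKeyUsage:        []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
		KeyUsage:           x509.KeyUsageDigitalSignature,
		UnknownExtKeyUsage: nil,

		// Subject Alternative Name: no DNS names, only the IP above.
		DNSNames: nil,

		PermittedDNSDomainsCritical: false,
		PermittedDNSDomains:         nil,
	}

	// Self-signed: the template is its own parent and is signed with the
	// key generated above.
	crt, err := x509.CreateCertificate(rand.Reader, template, template, &privatekey.PublicKey, privatekey)
	suite.Nil(err)

	return crt
}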
示例#2
					fmt.Println("New certificate was not created.")
					return
				}
			}
		}

		// generate private key
		privatekey, err := rsa.GenerateKey(rand.Reader, viper.GetInt("Bits"))
		if err != nil {
			logger.Warn("Error generating private key")
			return
		}

		// Create Certificate request
		csr, req, err := auth.CreateCertificateRequest(logger, privatekey,
			viper.GetString("Name"), viper.GetString("Organization"),
			viper.GetString("Country"), viper.GetString("Hosts"))
		if err != nil {
			logger.Warn("Error creating CA", "err", err.Error())
			return
		}

		// Create Certificate
		crt, err := auth.CreateCertificate(logger, csr, privatekey,
			viper.GetInt("Years"), viper.GetString("Hosts"))
		if err != nil {
			logger.Warn("Error creating certificate", "err", err.Error())
			return
		}

		// Save cert request