示例#1
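// writeCert PEM-encodes cert and writes it to the file at certPath,
// creating the file if it does not exist.
//
// The file is truncated on open, so a shorter certificate cannot leave
// trailing bytes of an older, longer file behind it. A failure from Close
// is returned when the write itself succeeded, so an unflushed or
// short-written certificate is reported rather than left on disk silently.
//
// The 0644 mode only applies when the file is created. An existing file
// keeps its current permissions and ownership.
func writeCert(certPath string, cert *x509.Certificate) (err error) {
	f, err := os.OpenFile(certPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644)
	if err != nil {
		return err
	}
	defer func() {
		// Keep the first error: a write failure is more useful than the
		// close failure that usually follows it.
		if cerr := f.Close(); cerr != nil && err == nil {
			err = cerr
		}
	}()

	return tlsutil.WriteCertificatePEMBlock(f, cert)
}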
示例#2
// generateTLSClientWorker creates a fresh private key, has a client
// certificate for it signed by the given CA (caCert/caKey) according to cfg,
// and writes the key to tc.WorkerKey and the certificate to tc.WorkerCert as
// PEM blocks. The first error from any step is returned unchanged.
//
// The key is written before the certificate, so a failed certificate write
// leaves a key in tc.WorkerKey with no matching certificate.
//
// NOTE(review): the private key goes to whatever sink tc.WorkerKey is; its
// type and access restrictions are not visible here. Confirm the destination
// is readable only by the worker identity.
func (tc *TLSConfig) generateTLSClientWorker(cfg tlsutil.ClientCertConfig, caCert *x509.Certificate, caKey *rsa.PrivateKey) error {
	workerKey, err := tlsutil.NewPrivateKey()
	if err != nil {
		return err
	}

	workerCert, err := tlsutil.NewSignedClientCertificate(cfg, workerKey, caCert, caKey)
	if err != nil {
		return err
	}

	// Persist the key first, then the certificate issued for it.
	if err = tlsutil.WritePrivateKeyPEMBlock(tc.WorkerKey, workerKey); err != nil {
		return err
	}
	return tlsutil.WriteCertificatePEMBlock(tc.WorkerCert, workerCert)
}
示例#3
// generateTLSCA creates a fresh private key and a self-signed CA certificate
// for it according to cfg, writes the key to tc.CAKey and the certificate to
// tc.CACert as PEM blocks, and returns both so the caller can sign further
// certificates with them. On any failure it returns nil, nil and the error.
//
// NOTE(review): the CA private key is both persisted to tc.CAKey and handed
// back in memory. Anyone who can read it can issue certificates under this
// CA. The sink's access restrictions are not visible here and should be
// confirmed.
func (tc *TLSConfig) generateTLSCA(cfg tlsutil.CACertConfig) (*x509.Certificate, *rsa.PrivateKey, error) {
	caKey, err := tlsutil.NewPrivateKey()
	if err != nil {
		return nil, nil, err
	}

	caCert, err := tlsutil.NewSelfSignedCACertificate(cfg, caKey)
	if err != nil {
		return nil, nil, err
	}

	// Key first, certificate second; the certificate write is skipped when
	// the key write fails.
	err = tlsutil.WritePrivateKeyPEMBlock(tc.CAKey, caKey)
	if err == nil {
		err = tlsutil.WriteCertificatePEMBlock(tc.CACert, caCert)
	}
	if err != nil {
		return nil, nil, err
	}

	return caCert, caKey, nil
}