Allow ca-signed client certs and self-signed server certs

Melon 2022-03-13 14:09:12 +00:00
parent ea5b79d8d8
commit 4d057cdb31
Signed by: melon
GPG Key ID: B0ADD5395BCDAAB6
2 changed files with 8 additions and 2 deletions


@ -11,7 +11,7 @@ import (
"time" "time"
) )
func MakeClientTls(name pkix.Name, serialNumber *big.Int) (*CertGen, error) { func MakeClientTls(ca *CertGen, name pkix.Name, serialNumber *big.Int) (*CertGen, error) {
cert := &x509.Certificate{ cert := &x509.Certificate{
SerialNumber: serialNumber, SerialNumber: serialNumber,
Subject: name, Subject: name,
@ -27,7 +27,10 @@ func MakeClientTls(name pkix.Name, serialNumber *big.Int) (*CertGen, error) {
log.Fatalln("Failed to generate client private key:", err) log.Fatalln("Failed to generate client private key:", err)
} }
clientBytes, err := x509.CreateCertificate(rand.Reader, cert, cert, clientPrivKey.Public(), clientPrivKey) if ca == nil {
ca = &CertGen{cert: cert, key: clientPrivKey}
}
clientBytes, err := x509.CreateCertificate(rand.Reader, cert, ca.cert, clientPrivKey.Public(), ca.key)
if err != nil { if err != nil {
log.Fatalln("Failed to generate client certificate bytes:", err) log.Fatalln("Failed to generate client certificate bytes:", err)
} }
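Review bot: The new `if ca == nil` fallback makes a nil `ca` silently select self-signing, and no doc comment is visible above the changed signature to state that contract; the same fallback is added to MakeServerTls in the second file. A caller whose CA failed to load and that passes the resulting nil along gets a self-signed certificate with no error, so the change of trust model goes unnoticed until peer verification fails. I would document it on the function, e.g. `// MakeClientTls issues a client certificate signed by ca. A nil ca yields a self-signed certificate; callers must check CA loading errors before calling.` The function body continues past the end of the second hunk, so how the returned CertGen is built is not visible here.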


@ -30,6 +30,9 @@ func MakeServerTls(ca *CertGen, name pkix.Name, serialNumber *big.Int, dnsNames
log.Fatalln("Failed to generate server private key:", err) log.Fatalln("Failed to generate server private key:", err)
} }
if ca == nil {
ca = &CertGen{cert: cert, key: serverPrivKey}
}
serverBytes, err := x509.CreateCertificate(rand.Reader, cert, ca.cert, serverPrivKey.Public(), ca.key) serverBytes, err := x509.CreateCertificate(rand.Reader, cert, ca.cert, serverPrivKey.Public(), ca.key)
if err != nil { if err != nil {
log.Fatalln("Failed to generate server certificate bytes:", err) log.Fatalln("Failed to generate server certificate bytes:", err)
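Review bot: The added guard handles only a nil pointer; a non-nil `ca` whose `cert` or `key` field is unset still reaches `x509.CreateCertificate`, where a nil parent certificate would most likely panic instead of taking the `log.Fatalln` path. Since the function already returns an error, an explicit check before the fallback would be clearer: `if ca != nil && (ca.cert == nil || ca.key == nil) { return nil, errors.New("ca is missing certificate or key") }`. The same check applies to the new `ca` parameter of MakeClientTls in the first file. The function body starts and ends outside this hunk.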