Documentation
¶
Overview ¶
Package certcmd implements the business logic for certigo's "cert" subcommand: converting between PFX and PEM, extracting just the key or just the certificate, and re-encrypting PFX output with a different password. It mirrors the semantics of Certipy's cert command (certipy-ad v5.0.3) so that flag combinations produce equivalent output.
All I/O flows through Run, which accepts an Options struct describing inputs/outputs and a stdout io.Writer used when no -out target is set. The package intentionally performs no LDAP or AD CS operations; it is a pure-local PKI utility layer on top of internal/pki.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Options ¶
type Options struct {
// Input (exactly one required).
PFXIn string
PEMIn string
// Output (at most one of the format-specific paths; generic Out is
// resolved to whichever format matches the remaining data).
PFXOut string
PEMOut string
Out string
// Passwords.
PFXInPassword string
PFXOutPassword string
// Extraction toggles. When either is true Run emits only the selected
// PEM block (to stdout unless Out/PEMOut is set).
ExtractKey bool
ExtractCert bool
// NoOut suppresses stdout output. Useful with -out so the caller isn't
// double-fed the same bytes.
NoOut bool
}
Options captures every flag Certipy's "cert" command accepts. One of PFXIn/PEMIn is required; the rest are optional and drive what Run emits.
Source Files