certificatebar

command module

v0.0.0-...-3c86fcf Latest Latest Go to latest Published: Nov 22, 2015 License: MIT Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chrjoh/certificatebar

Links

Open Source Insights

README ¶

certificateBar

Initial setup, the goal is to create a simple tool to generate certificate and chains to perform test in development/stage environments. The setup should allow you to be able to change key types, key usage and other parameters on the certificates to verify that the test setup is working. The configurations will be aimed to remove some of the "magic" that people find then working with PKI and certificates. The configuration allows the seup of wrong key uasge to for testing clients then validating client certificates. The project is work in progress.

On a side note is the interesting announcement from NSA regaring elliptic curve crypto, see http://eprint.iacr.org/2015/1018.pdf

Dependencies

Installation

$ go get -u github.com/chrjoh/certificatebar

Usage

$ certificatebar --help

Command line arguments:

  -i configuration file to be used

Config

The structure of the config file is given bellow, certificates label conatins a list of certificate. (See config directory for a basic example setup.) The example below is a self signed certificate valid for domains www.foo.se, www.dront.se, www.fro.se and using a 2048 RSA key.

certificates:
  - certificate:
      id: mainca
      parent: mainca
      ca: true
      pkix:
        commonname: www.foo.se
        country: SE
        organization: test
        organizationunit: testca
      altnames:
        - www.dront.se
        - www.fro.se
      keytype: RSA
      keylength: 2048
      hashalg: SHA256
      validfrom: 2010-01-01
      validto: 2020-01-01
      usage:
        - certsign

The options for each keywords is(* denote required values)

keyword	description	options
id *	id used to identify the certificate and also the name used then saving the certificate and the private key to a file	string: mainca
parent *	certificate to be used then signing, must be a valid id	string: mainca
keytype *	key type to be used	string: RSA, P224, P256, P384, P512
ca	is this certificate used to sign other certificates, default value is false	boolean: true or false
commonname	the common name this certificate shoud have	string: www.foo.se
country	the country code to use	string: SE
organization	organisation name	string: test
organizationunit	organisation unit to be used	string: testca
altnames	list of alternative DNS names this certificate is valid for	string: valid dns names
keylength	key length, only used with RSA key, default is 2048	int: 2048
hashalg	which algorithm to be used for signature, default is SHA256	string: SHA1, SHA256, SHA384, SHA512
validfrom	Start date then the certificate is valid, default is now	string: 2010-01-01
validto	End date then the certificate is not valid, default is 1 year	string: 2020-01-01
usage	Key usage to ad to the certificates, see list below for options	list of strings

Key usage

If empty, if CA is true keys to sign certificates and crl lista are added, otherwise client and server authentications are added.

keyword	description
certsign	allowed to sign certificates
crlsign	allowed to sign crl
encipherment	allowed to enciphering private or secret keys
clientauth	allowed to authenticate as client
serverauth	allowed ot be used for server authenthication
signature	allowed to perfom digital signature

License (MIT)

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
assember
certificate
certificatebar
key

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL