# go-gen-cert
## Preamble
I've decided to create this project based on [this example](https://github.com/yasushi-saito/grpc-ssl-example/blob/master/go/main.go), for which I would like to give thanks, but with some improvements.
I had some trouble with TLS communication between my gRPC server and client. I've decided to create a tool to generate SSL certificates, partly following this [guide](https://jamielinux.com/docs/openssl-certificate-authority/create-the-intermediate-pair.html).
## TODO:
- [ ] Create an intermediate authority to sign certificates on behalf of the CA to add more security. If the intermediate is hacked, you can revoke it from the CA and generate new intermediates, keeping the CA isolated from being hacked.
- ~~[x] Complete tests~~
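
The layout the first TODO item describes (the root CA signs an intermediate, the intermediate signs the leaf) can be sketched with Go's standard `crypto/x509`. This is an added example, not code from this repository; the helpers `must`, `issue` and `VerifyViaIntermediate` and the certificate names are hypothetical.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // demo only: abort on generation errors
	if err != nil {
		panic(err)
	}
	return v
}
// issue (hypothetical helper) signs a new certificate with parentKey; a nil parent means a self-signed root.
func issue(serial int64, cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(8760 * time.Hour),
		BasicConstraintsValid: true, IsCA: isCA, KeyUsage: x509.KeyUsageDigitalSignature}
	if isCA { // CA keys only sign certificates and CRLs
		t.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	} else {
		t.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
	}
	if parent == nil {
		parent, parentKey = t, key
	}
	der := must(x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, parentKey))
	return must(x509.ParseCertificate(der)), key
}
// VerifyViaIntermediate returns the verified chain length and whether the leaf is rejected without the intermediate.
func VerifyViaIntermediate() (int, bool) {
	root, rootKey := issue(1, "constructed root CA", true, nil, nil)
	inter, interKey := issue(2, "constructed intermediate CA", true, root, rootKey)
	leaf, _ := issue(3, "grpc.example.test", false, inter, interKey)
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(inter)
	chains := must(leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters}))
	_, errAlone := leaf.Verify(x509.VerifyOptions{Roots: roots}) // verifier trusts only the root
	return len(chains[0]), errAlone != nil
}
func main() {
	fmt.Println(VerifyViaIntermediate())
}
```

A verifier that trusts only the root rejects the leaf unless it is also given the intermediate, so the peer has to present the intermediate alongside its own certificate.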
## Configuration
If you are in a `dev` environment, as I have been, you must create a `.env` file similar to `.env.example` in this repo:
```bash
VIPER_CONFIG=your-viper-file-name-without-extension
VIPER_CONFIG_TYPE=yaml
ENV=dev
```
Then add a viper configuration file, YAML for example, in your root directory:
```yaml
export_dir: "/home"
ca:
  serial_number: 12152 # serial number
  subject:
    organization: "yourdomain.com"
    common_name: "*.yourdomain.com"
  key_usage: 1
  ext_key_usage:
    - 1
    - 2
  duration: "8760h0m0s" # 1 year
client:
  serial_number: 12151232 # serial number
  subject:
    organization: "yourdomain.com"
    country: "RM"
    province: "REML"
    locality: ""
    street_address: ""
    postal_code: ""
  subject_key_id:
    - 1
    - 2
    - 3
    - 4
    - 6
  key_usage: 1
  ext_key_usage:
    - 1
    - 2
  duration: "8760h0m0s"
```
## Execution
Then you can just run:
```bash
go run main.go
```
## Tests
Simply run the make command and view the coverage results in `cover.html` within the `coverage` directory:
```shell
make test-coverage
rm -rf coverage
mkdir coverage
go test -v -coverprofile coverage/cover.out ./...
=== RUN TestCredentialsFromKeyWithPasswd
--- PASS: TestCredentialsFromKeyWithPasswd (0.37s)
=== RUN TestCredentialsFromKeyWithPasswdError
--- PASS: TestCredentialsFromKeyWithPasswdError (0.46s)
PASS
coverage: 90.9% of statements
ok gitea.urkob.com/urko/go-grpc-certificate/pkg/credentials 0.839s coverage: 90.9% of statements
go tool cover -html coverage/cover.out -o coverage/cover.html
```
## goreportcard
```bash
make goreportcard
```
output:
```bash
➜ go-cert-gen git:(main) goreportcard-cli -v
Grade .......... A+ 100.0%
Files ................. 12
Issues ................. 0
gofmt ............... 100%
go_vet .............. 100%
gocyclo ............. 100%
ineffassign ......... 100%
license ............. 100%
misspell ............ 100%
```