You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Urko e77a67a3de
feat: load env from file
1 year ago
cmd feat: load env from file 1 year ago
internal feat: writer test full coverage 1 year ago
pkg fix lint 1 year ago
.env.example feat: add .env.example 1 year ago
.gitignore feat: update gitignore 1 year ago
LICENSE feat: add license 1 year ago
Makefile feat: add tests 1 year ago
README.md feat: update README 1 year ago
go.mod feat: add tests 1 year ago
go.sum feat: use viper and cobra to parameterize creation values with viper yaml 1 year ago
main.go feat: use viper and cobra to parameterize creation values with viper yaml 1 year ago
viper.example.yaml fix: duration 1 year ago

README.md

go-gen-cert

Preamble

I've decided to create this project based on this example but with some improvements, which I would like to give thanks.

I had some trouble during TLS communication between both of my gRPC server and client. I've decided to create a tool to generate SSL certificates following a little of this guide.

TODO:

  • Create intermediate authority to sign certificates on behalf CA to add more security. If intermediate is hacked then you can revoke from CA and generate new intermediates keeping CA isolated from beeing hacked.

  • Complete tests

Configuration

If you are on dev environment, like I've been doing, you must create .env file similar as .env.example in this repo:

VIPER_CONFIG=your-viper-file-name-without-extension
VIPER_CONFIG_TYPE=yaml
ENV=dev

Then add viper configuration file, yaml for example, in your root directory:

export_dir: "/home"
ca:
    serial_number: 12152 # serial number
    subject:
        organization: "yourdomain.com"
        common_name: "*.yourdomain.com"
    key_usage: 1
    ext_key_usage: 
        - 1
        - 2
        duration: "8760h0m0s" #1 year
client:
    serial_number: 12151232 # serial number
    subject:
        organization: "yourdomain.com"
        country: "RM"
        province: "REML"
        locality: ""
        street_address: ""
        postal_code: ""
    subject_key_id:
        - 1
        - 2
        - 3
        - 4
        - 6
    key_usage: 1
    ext_key_usage: 
        - 1
        - 2
    duration: "8760h0m0s"

Execution

Then you can just run

go run main.go

tests

Just simply run make command and watch coverage results on cover.html within coverage

make test-coverage
rm -rf coverage
mkdir coverage
go test -v -coverprofile coverage/cover.out ./...
=== RUN   TestCredentialsFromKeyWithPasswd
--- PASS: TestCredentialsFromKeyWithPasswd (0.37s)
=== RUN   TestCredentialsFromKeyWithPasswdError
--- PASS: TestCredentialsFromKeyWithPasswdError (0.46s)
PASS
coverage: 90.9% of statements
ok      gitea.urkob.com/urko/go-grpc-certificate/pkg/credentials        0.839s  coverage: 90.9% of statements
go tool cover -html coverage/cover.out -o coverage/cover.html

goreportcard

make goreportcard

output:

➜  go-cert-gen git:(main) goreportcard-cli -v
Grade .......... A+ 100.0%
Files ................. 12
Issues ................. 0
gofmt ............... 100%
go_vet .............. 100%
gocyclo ............. 100%
ineffassign ......... 100%
license ............. 100%
misspell ............ 100%