Urko 03272b363d | ||
---|---|---|
cmd | ||
internal | ||
pkg | ||
.env.example | ||
.gitignore | ||
Makefile | ||
README.md | ||
go.mod | ||
go.sum | ||
main.go | ||
viper.example.yaml |
README.md
go-gen-cert
Preamble
I've decided to create this project based on this example but with some improvements, which I would like to give thanks.
I had some trouble during TLS communication between both of my gRPC server and client. I've decided to create a tool to generate SSL certificates following a little of this guide.
TODO:
-
Create intermediate authority to sign certificates on behalf CA to add more security. If intermediate is hacked then you can revoke from CA and generate new intermediates keeping CA isolated from beeing hacked.
-
Complete tests
Configuration
If you are on dev
environment, like I've been doing, you must create .env
file similar as .env.example
in this repo:
VIPER_CONFIG=your-viper-file-name-without-extension
VIPER_CONFIG_TYPE=yaml
ENV=dev
Then add viper configuration file, yaml for example, in your root directory:
export_dir: "/home"
ca:
serial_number: 12152 # serial number
subject:
organization: "yourdomain.com"
common_name: "*.yourdomain.com"
key_usage: 1
ext_key_usage:
- 1
- 2
duration: 518400 #1 year
client:
serial_number: 12151232 # serial number
subject:
organization: "yourdomain.com"
country: "RM"
province: "REML"
locality: ""
street_address: ""
postal_code: ""
subject_key_id:
- 1
- 2
- 3
- 4
- 6
key_usage: 1
ext_key_usage:
- 1
- 2
duration: 518400
Execution
Then you can just run
go run main.go