Add hostname to server certs

Torjus Håkestad 2021-12-04 10:19:59 +01:00
parent bf9f8d80cd
commit 1b2cb55843
2 changed files with 15 additions and 6 deletions


@ -89,7 +89,7 @@ func GenCACert() (priv []byte, pub []byte, err error) {
return caPrivKeyBytes, caBytes, nil return caPrivKeyBytes, caBytes, nil
} }
func GenAllCerts(path string) error { func GenAllCerts(path, domain string) error {
// Create CA certs // Create CA certs
caPriv, caPub, err := GenCACert() caPriv, caPub, err := GenCACert()
if err != nil { if err != nil {
@ -103,7 +103,8 @@ func GenAllCerts(path string) error {
} }
// Create server certs // Create server certs
srvKey, srvCrt, err := GenCert(caPub, caPriv) dnsNames := []string{domain}
srvKey, srvCrt, err := GenCert(caPub, caPriv, dnsNames)
if err != nil { if err != nil {
return err return err
} }
@ -114,7 +115,7 @@ func GenAllCerts(path string) error {
return err return err
} }
clientKey, clientCrt, err := GenCert(caPub, caPriv) clientKey, clientCrt, err := GenCert(caPub, caPriv, []string{})
if err != nil { if err != nil {
return err return err
} }
@ -128,7 +129,7 @@ func GenAllCerts(path string) error {
return nil return nil
} }
func GenCert(caPub, caPrivKey []byte) (priv, pub []byte, err error) { func GenCert(caPub, caPrivKey []byte, dnsNames []string) (priv, pub []byte, err error) {
// Parse ca // Parse ca
ca, err := x509.ParseCertificate(caPub) ca, err := x509.ParseCertificate(caPub)
if err != nil { if err != nil {
@ -150,7 +151,7 @@ func GenCert(caPub, caPrivKey []byte) (priv, pub []byte, err error) {
NotBefore: time.Now(), NotBefore: time.Now(),
NotAfter: time.Now().AddDate(10, 0, 0), NotAfter: time.Now().AddDate(10, 0, 0),
SubjectKeyId: []byte{1, 2, 3, 4, 6}, SubjectKeyId: []byte{1, 2, 3, 4, 6},
DNSNames: []string{"*"}, DNSNames: dnsNames,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
KeyUsage: x509.KeyUsageDigitalSignature, KeyUsage: x509.KeyUsageDigitalSignature,
} }
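Review bot: The certificate template in GenCert still sets `ExtKeyUsage` to both `x509.ExtKeyUsageClientAuth` and `x509.ExtKeyUsageServerAuth` for every leaf, so the server certificate that now carries the real hostname also remains usable as a client credential wherever this CA's client certificates are accepted. GenAllCerts already makes two separate calls, so GenCert could take the role and set `ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}` for the server and `[]x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}` for the client. The client call can pass `nil` rather than `[]string{}`. The template literal begins outside this hunk; the fixed `SubjectKeyId: []byte{1, 2, 3, 4, 6}` visible in it is shared by every certificate GenCert issues and would be worth deriving from the public key at the same time.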


@ -101,6 +101,10 @@ func main() {
Name: "out-dir", Name: "out-dir",
Usage: "Directory where certificates will be stored.", Usage: "Directory where certificates will be stored.",
}, },
&cli.StringFlag{
Name: "hostname",
Usage: "Hostname used for server certificate.",
},
}, },
Action: ActionGencerts, Action: ActionGencerts,
}, },
@ -332,7 +336,11 @@ func ActionGencerts(c *cli.Context) error {
if c.IsSet("out-dir") { if c.IsSet("out-dir") {
outDir = c.String("out-dir") outDir = c.String("out-dir")
} }
return certs.GenAllCerts(outDir) if !c.IsSet("hostname") {
return fmt.Errorf("--hostname required")
}
hostname := c.String("hostname")
return certs.GenAllCerts(outDir, hostname)
} }
func ActionInitConfig(c *cli.Context) error { func ActionInitConfig(c *cli.Context) error {
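Review bot: In ActionGencerts the new guard tests `c.IsSet("hostname")` rather than the value, so `--hostname ""` passes and an empty string ends up as the only SAN entry of the server certificate. Checking the value closes that gap: `hostname := c.String("hostname")` followed by `if hostname == "" { return fmt.Errorf("--hostname required") }`. If this is urfave/cli v2, `Required: true` on the flag would also reject a missing flag before the action runs. An IP literal is also accepted here and is written to `DNSNames` by GenAllCerts, but Go's hostname verification matches IP hosts only against IP SANs, so such a certificate would not verify. Either reject values that `net.ParseIP` accepts or route them to the template's `IPAddresses` field.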