Add hostname to server certs
This commit is contained in:
parent
bf9f8d80cd
commit
1b2cb55843
@ -89,7 +89,7 @@ func GenCACert() (priv []byte, pub []byte, err error) {
|
||||
return caPrivKeyBytes, caBytes, nil
|
||||
}
|
||||
|
||||
func GenAllCerts(path string) error {
|
||||
func GenAllCerts(path, domain string) error {
|
||||
// Create CA certs
|
||||
caPriv, caPub, err := GenCACert()
|
||||
if err != nil {
|
||||
@ -103,7 +103,8 @@ func GenAllCerts(path string) error {
|
||||
}
|
||||
|
||||
// Create server certs
|
||||
srvKey, srvCrt, err := GenCert(caPub, caPriv)
|
||||
dnsNames := []string{domain}
|
||||
srvKey, srvCrt, err := GenCert(caPub, caPriv, dnsNames)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -114,7 +115,7 @@ func GenAllCerts(path string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
clientKey, clientCrt, err := GenCert(caPub, caPriv)
|
||||
clientKey, clientCrt, err := GenCert(caPub, caPriv, []string{})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -128,7 +129,7 @@ func GenAllCerts(path string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func GenCert(caPub, caPrivKey []byte) (priv, pub []byte, err error) {
|
||||
func GenCert(caPub, caPrivKey []byte, dnsNames []string) (priv, pub []byte, err error) {
|
||||
// Parse ca
|
||||
ca, err := x509.ParseCertificate(caPub)
|
||||
if err != nil {
|
||||
@ -150,7 +151,7 @@ func GenCert(caPub, caPrivKey []byte) (priv, pub []byte, err error) {
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().AddDate(10, 0, 0),
|
||||
SubjectKeyId: []byte{1, 2, 3, 4, 6},
|
||||
DNSNames: []string{"*"},
|
||||
DNSNames: dnsNames,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
|
||||
KeyUsage: x509.KeyUsageDigitalSignature,
|
||||
}
|
||||
|
||||
@ -101,6 +101,10 @@ func main() {
|
||||
Name: "out-dir",
|
||||
Usage: "Directory where certificates will be stored.",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "hostname",
|
||||
Usage: "Hostname used for server certificate.",
|
||||
},
|
||||
},
|
||||
Action: ActionGencerts,
|
||||
},
|
||||
@ -332,7 +336,11 @@ func ActionGencerts(c *cli.Context) error {
|
||||
if c.IsSet("out-dir") {
|
||||
outDir = c.String("out-dir")
|
||||
}
|
||||
return certs.GenAllCerts(outDir)
|
||||
if !c.IsSet("hostname") {
|
||||
return fmt.Errorf("--hostname required")
|
||||
}
|
||||
hostname := c.String("hostname")
|
||||
return certs.GenAllCerts(outDir, hostname)
|
||||
}
|
||||
|
||||
func ActionInitConfig(c *cli.Context) error {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user