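// Source: github.com/angenalZZZ/gofunc@v0.0.0-20210507121333-48ff1be3917b/f/exec_command_openssl.go

package f

// opensslSubjectError reports a companyName or hostname value that cannot be
// placed safely inside an openssl -subj argument.
type opensslSubjectError string

// Error implements the error interface.
func (e opensslSubjectError) Error() string { return string(e) }

// checkSubjectValue rejects values that would change the structure of the
// distinguished name once concatenated into "/CN=<value>".
//
// In the openssl -subj syntax '/' starts a new attribute, '+' can start a
// multi-valued attribute and '\' is the escape character, so a caller-supplied
// value containing them could add or alter subject fields (for example an
// extra O= or a second CN=). Control characters are refused as well.
func checkSubjectValue(field, value string) error {
	if value == "" {
		return opensslSubjectError("openssl: " + field + " must not be empty")
	}
	for _, r := range value {
		switch {
		case r == '/' || r == '+' || r == '\\':
			return opensslSubjectError("openssl: " + field + " must not contain '/', '+' or '\\'")
		case r < 0x20 || r == 0x7f:
			return opensslSubjectError("openssl: " + field + " must not contain control characters")
		}
	}
	return nil
}

// OpensslWebServerCert generates a web server certificate signed by a freshly
// created private certificate authority, by running the openssl command line
// tool through ExecCommandOutput.
//
// Input: companyName is used as the common name of the CA certificate and
// hostname as the common name of the TLS server certificate. Both are
// validated with checkSubjectValue before any command runs.
//
// Output: ca.key, ca.cer, sv.key and sv.cer, plus the intermediate files
// sv.req (the signing request) and serial (the CA serial file). All paths are
// relative, so the files land in the current working directory of the
// process; openssl overwrites files of the same name.
//
// Security notes for callers:
//   - ca.key and sv.key are written without a passphrase (genrsa is called
//     with no cipher option). Run this in a directory only the service
//     account can read, and move or delete ca.key once signing is done.
//   - No extension file is passed to "openssl x509 -req", so sv.cer carries
//     the hostname only in the subject CN and has no subjectAltName. Clients
//     that require a SAN (current browsers, Go's crypto/x509 since 1.15) will
//     not accept it for hostname verification.
//   - Both the CA and the server certificate are valid for 3650 days.
//   - NOTE(review): the CA subject is built as /CN="<companyName>". If
//     ExecCommandOutput starts openssl without a shell, the double quotes
//     become part of the common name; confirm against ExecCommandOutput.
//
// The first failing step aborts the sequence and its error is returned
// unchanged; files written by earlier steps are left in place.
func OpensslWebServerCert(companyName string, hostname string) error {
	// Validate before anything is written, so a rejected input leaves no
	// half-built CA on disk.
	if err := checkSubjectValue("companyName", companyName); err != nil {
		return err
	}
	if err := checkSubjectValue("hostname", hostname); err != nil {
		return err
	}

	// Create the private CA: a 2048-bit RSA key ...
	if _, err := ExecCommandOutput("openssl", "genrsa", "-out", "ca.key", "2048"); err != nil {
		return err // could not create private Certificate Authority key
	}
	// ... and a self-signed certificate for it.
	if _, err := ExecCommandOutput("openssl", "req", "-x509", "-new", "-key", "ca.key", "-out", "ca.cer", "-days", "3650", "-subj", "/CN=\""+companyName+"\""); err != nil {
		return err // could not create private Certificate Authority certificate
	}

	// Create the server key.
	if _, err := ExecCommandOutput("openssl", "genrsa", "-out", "sv.key", "2048"); err != nil {
		return err // could not create private server key
	}
	// Create the signing request for the server key.
	if _, err := ExecCommandOutput("openssl", "req", "-new", "-out", "sv.req", "-key", "sv.key", "-subj", "/CN="+hostname); err != nil {
		return err // could not create private server certificate signing request
	}
	// Sign the request with the private CA; -CAcreateserial creates the
	// serial file named by -CAserial if it does not exist yet.
	if _, err := ExecCommandOutput("openssl", "x509", "-req", "-in", "sv.req", "-out", "sv.cer", "-CAkey", "ca.key", "-CA", "ca.cer", "-days", "3650", "-CAcreateserial", "-CAserial", "serial"); err != nil {
		return err // could not create private server certificate
	}
	return nil
}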