github.com/keysonZZZ/kmg@v0.0.0-20151121023212-05317bfd7d39/kmg/SubCommand/GenerateHttpsCert.go.bak (about)

     1  package command
     2  
     3  import (
     4  	"flag"
     5  	"os"
     6  	"path/filepath"
     7  	"strings"
     8  
     9  	"github.com/bronze1man/kmg/kmgCmd"
    10  	"github.com/bronze1man/kmg/kmgConsole"
    11  	"github.com/bronze1man/kmg/kmgFile"
    12  )
    13  
// init registers the GenerateHttpsCert sub-command with kmgConsole, using
// runGenerateHttpsCert as its Runner.
func init() {
	cmd := kmgConsole.Command{
		Name:   "GenerateHttpsCert",
		Desc:   "Generate Https Cert",
		Runner: runGenerateHttpsCert,
	}
	kmgConsole.AddAction(cmd)
}
    21  
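// runGenerateHttpsCert creates a small self-signed PKI by shelling out to
// openssl inside the output directory. It writes the openssl CA database
// files (index.txt, serial, config.conf), generates a CA key and certificate
// (ca.key, ca.crt), and then issues one server certificate (server.key,
// server.crt) and one client certificate (client.key, client.crt,
// client.pfx) signed by that CA.
//
// Any failure panics, matching the Must* helpers used for every other step.
//
// Security notes for anyone using the output:
//   - The CA key and the PKCS#12 bundle are protected only by the hard-coded
//     passphrase "1234", which is also passed on the openssl command line.
//     Treat ca.key and client.pfx as unprotected and keep the output
//     directory out of version control and shared locations.
//   - server.key and client.key are written unencrypted (-nodes).
//   - Validity is 18250 days for the CA and 36500 days for issued
//     certificates, so nothing here expires in practice. The result suits
//     local testing, not production trust.
func runGenerateHttpsCert() {
	command := GenerateHttpsCert{}
	flag.StringVar(&command.outputPath, "o", "certs", "output dir,it will create it if it is not created")
	flag.StringVar(&command.subject, "subj", "/C=CN/ST=SiChuan/L=ChengDu/O=ZhuoZhuo/OU=IT Department/CN=www.new1.uestc.edu.cn", "the subj of the cert.")
	// NOTE(review): no flag.Parse() call is visible in this function. Confirm
	// that kmgConsole parses the flags after the runner registers them;
	// otherwise both options always keep their defaults.

	wd, err := os.Getwd()
	if err != nil {
		// Previously this returned silently, so the command could appear to
		// succeed without generating anything.
		panic(err)
	}
	// Honour the -o flag instead of a hard-coded "certs"; the flag default is
	// "certs", so the default behaviour is unchanged.
	workDir := command.outputPath
	if !filepath.IsAbs(workDir) {
		workDir = filepath.Join(wd, workDir)
	}
	kmgFile.MustMkdirAll(workDir)
	// Every path below is relative. If Chdir failed unnoticed, the private
	// keys would be written into whatever directory the process started in.
	if err := os.Chdir(workDir); err != nil {
		panic(err)
	}
	kmgFile.MustWriteFile("index.txt", []byte(""))
	kmgFile.MustWriteFile("serial", []byte("01"))
	// default_md is sha256: MD5 signatures are collision-prone and are
	// rejected by current TLS stacks. policy names the section that exists in
	// this file (the openssl ca calls below also pass -policy policy_anything).
	kmgFile.MustWriteFile("config.conf", []byte(`[ ca ]
default_ca = ca_default

[ ca_default ]
dir = .
certs = .
new_certs_dir = .
database = ./index.txt
serial = ./serial
RANDFILE = .rand
certificate = ca.crt
private_key = ca.key
default_days = 36500
default_crl_days = 30
default_md = sha256
preserve = no
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional`))
	// Self-signed CA certificate. The subject is passed as a separate
	// argument so that spaces inside it (e.g. "IT Department") are not split.
	mustRunCmd("openssl req -passout pass:1234 -batch -new -x509 -newkey rsa:2048 -extensions v3_ca -keyout ca.key -out ca.crt -days 18250",
		"-subj", command.subject+" ca")
	// Server key and CSR, then sign the CSR with the CA.
	mustRunCmd("openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out csr.csr -days 18250",
		"-subj", command.subject)
	kmgCmd.MustRun("openssl ca -config config.conf -batch -cert ca.crt -passin pass:1234 -keyfile ca.key -policy policy_anything -out server.crt -infiles csr.csr")
	// Client key and CSR (csr.csr is reused), sign it, then bundle key and
	// certificate into a PKCS#12 file.
	mustRunCmd("openssl req -new -newkey rsa:2048 -nodes -keyout client.key -out csr.csr -days 18250",
		"-subj", command.subject+" client")
	kmgCmd.MustRun("openssl ca -config config.conf -batch -cert ca.crt -passin pass:1234 -keyfile ca.key -policy policy_anything -out client.crt -infiles csr.csr")
	kmgCmd.MustRun("openssl pkcs12 -export -passout pass:1234 -inkey client.key -in client.crt -out client.pfx")
}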
    72  
// GenerateHttpsCert holds the options for HTTPS certificate generation: a root
// (CA) certificate is generated first, then the certificates signed by it
// (runGenerateHttpsCert issues one server and one client certificate).
type GenerateHttpsCert struct {
	// outputPath is bound to the -o flag (default "certs").
	outputPath string
	// subject is bound to the -subj flag and is passed to openssl as the
	// certificate subject; " ca" and " client" are appended to it for the CA
	// and client certificates respectively.
	subject    string
}
    78  
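// mustRunCmd runs a command built from s, split on whitespace, followed by
// args. Each element of args is appended as a single argument and is never
// split, so callers should pass any value that may contain spaces (such as a
// certificate subject) through args rather than embedding it in s.
//
// Execution is delegated to kmgCmd.CmdSlice(...).MustRun(); presumably it
// panics when the command fails (confirm against kmgCmd).
func mustRunCmd(s string, args ...string) {
	// strings.Fields, unlike strings.Split(s, " "), does not produce empty
	// arguments for consecutive, leading or trailing spaces.
	argv := append(strings.Fields(s), args...)
	kmgCmd.CmdSlice(argv).MustRun()
}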