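// Source listing: github.com/keysonZZZ/kmg@v0.0.0-20151121023212-05317bfd7d39/kmg/SubCommand/GenerateHttpsCert.go.bak

package command

import (
	"flag"
	"os"
	"path/filepath"
	"strings"

	"github.com/bronze1man/kmg/kmgCmd"
	"github.com/bronze1man/kmg/kmgConsole"
	"github.com/bronze1man/kmg/kmgFile"
)

// opensslCAConfig is the `openssl ca` configuration written to config.conf in
// the output directory.
//
// Changes from the previous revision of this file:
//   - default_md was md5. MD5 is collision-broken and current TLS stacks
//     reject MD5-signed certificates, so the CA now signs with sha256.
//   - policy named "generic_policy", a section this file never defines. It
//     was masked by "-policy policy_anything" on the command line; the config
//     now names the section that actually exists.
//
// default_days = 36500 (about 100 years) is what the issued server and client
// certificates receive. Nothing here sets up revocation, so a leaked key stays
// trusted for the life of the CA.
const opensslCAConfig = `[ ca ]
default_ca = ca_default

[ ca_default ]
dir = .
certs = .
new_certs_dir = .
database = ./index.txt
serial = ./serial
RANDFILE = .rand
certificate = ca.crt
private_key = ca.key
default_days = 36500
default_crl_days = 30
default_md = sha256
preserve = no
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional`

// init registers the GenerateHttpsCert action with kmgConsole.
func init() {
	kmgConsole.AddAction(kmgConsole.Command{
		Name:   "GenerateHttpsCert",
		Desc:   "Generate Https Cert",
		Runner: runGenerateHttpsCert,
	})
}

// runGenerateHttpsCert creates a throw-away PKI in the output directory by
// shelling out to openssl: a self-signed CA (ca.key/ca.crt), a server
// key and certificate (server.key/server.crt), a client key and certificate
// (client.key/client.crt) and a PKCS#12 bundle of the client pair (client.pfx).
//
// It changes the process working directory to the output directory and leaves
// it there. Failures abort through the Must* helpers or an explicit panic.
//
// NOTE(review): the passphrase "1234" protecting ca.key and client.pfx is
// hard-coded and passed on the openssl command line, where other local users
// can read it from the process list. server.key and client.key are written
// unencrypted (-nodes). Treat everything this command produces as development
// or test material, and keep the output directory out of version control and
// shared locations.
func runGenerateHttpsCert() {
	command := GenerateHttpsCert{}
	flag.StringVar(&command.outputPath, "o", "certs", "output dir,it will create it if it is not created")
	flag.StringVar(&command.subject, "subj", "/C=CN/ST=SiChuan/L=ChengDu/O=ZhuoZhuo/OU=IT Department/CN=www.new1.uestc.edu.cn", "the subj of the cert.")
	// The flags were registered but never parsed in the previous revision, so
	// -o and -subj could not take effect.
	// NOTE(review): assumes kmgConsole leaves os.Args positioned so that the
	// flags follow the program name - confirm against kmgConsole.
	if !flag.Parsed() {
		flag.Parse()
	}

	// Honor -o instead of a hard-coded "certs". filepath.Abs resolves a
	// relative path against the current directory, which reproduces the old
	// default location, and reports a failing Getwd instead of returning
	// silently with nothing generated.
	workDir, err := filepath.Abs(command.outputPath)
	if err != nil {
		panic(err)
	}
	kmgFile.MustMkdirAll(workDir)
	// Every path below is relative. If this Chdir failed unnoticed, the CA
	// database and the private keys would be written into whatever directory
	// the command was started from.
	if err := os.Chdir(workDir); err != nil {
		panic(err)
	}

	// Bookkeeping files that `openssl ca` requires: an empty certificate
	// database and the first serial number.
	kmgFile.MustWriteFile("index.txt", []byte(""))
	kmgFile.MustWriteFile("serial", []byte("01"))
	kmgFile.MustWriteFile("config.conf", []byte(opensslCAConfig))

	// Self-signed CA certificate; " ca" is appended to the subject so that it
	// differs from the leaf certificates.
	mustRunCmd("openssl req -passout pass:1234 -batch -new -x509 -newkey rsa:2048 -extensions v3_ca -keyout ca.key -out ca.crt -days 18250",
		"-subj", command.subject+" ca")

	// Server key and CSR, then the CA-signed server certificate. openssl
	// ignores -days on a CSR (no -x509); the validity comes from default_days
	// in config.conf.
	mustRunCmd("openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out csr.csr -days 18250",
		"-subj", command.subject)
	kmgCmd.MustRun("openssl ca -config config.conf -batch -cert ca.crt -passin pass:1234 -keyfile ca.key -policy policy_anything -out server.crt -infiles csr.csr")

	// Client key and CSR (csr.csr is reused), the CA-signed client
	// certificate, and the PKCS#12 export of the client pair.
	mustRunCmd("openssl req -new -newkey rsa:2048 -nodes -keyout client.key -out csr.csr -days 18250",
		"-subj", command.subject+" client")
	kmgCmd.MustRun("openssl ca -config config.conf -batch -cert ca.crt -passin pass:1234 -keyfile ca.key -policy policy_anything -out client.crt -infiles csr.csr")
	kmgCmd.MustRun("openssl pkcs12 -export -passout pass:1234 -inkey client.key -in client.crt -out client.pfx")
}

// GenerateHttpsCert holds the options for HTTPS certificate generation: a root
// certificate is generated first, then the certificates signed by it (this
// file issues one server and one client certificate).
type GenerateHttpsCert struct {
	outputPath string // directory that receives all generated files (-o)
	subject    string // X.509 subject passed to openssl via -subj
}

// mustRunCmd runs a command whose fixed part is given as one
// whitespace-separated string s, followed by args passed through verbatim.
//
// Keeping args out of the split string lets a value that itself contains
// spaces (the default subject has "OU=IT Department") stay a single argument.
// strings.Fields is used rather than splitting on a single space so that
// repeated spaces in s cannot produce empty arguments.
//
// NOTE(review): kmgCmd.CmdSlice presumably executes the argument vector
// without a shell - confirm, since -subj is user-supplied.
func mustRunCmd(s string, args ...string) {
	argv := append(strings.Fields(s), args...)
	kmgCmd.CmdSlice(argv).MustRun()
}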