Add optional -common-name flag #45

17 changes: 9 additions & 8 deletions main.go
Expand Up @@ -36,15 +36,15 @@ type issuer struct {
cert *x509.Certificate
}

func getIssuer(keyFile, certFile string) (*issuer, error) {
func getIssuer(keyFile, certFile, commonName string) (*issuer, error) {
keyContents, keyErr := ioutil.ReadFile(keyFile)
certContents, certErr := ioutil.ReadFile(certFile)
if os.IsNotExist(keyErr) && os.IsNotExist(certErr) {
err := makeIssuer(keyFile, certFile)
err := makeIssuer(keyFile, certFile, commonName)
if err != nil {
return nil, err
}
return getIssuer(keyFile, certFile)
return getIssuer(keyFile, certFile, commonName)
} else if keyErr != nil {
return nil, fmt.Errorf("%s (but %s exists)", keyErr, certFile)
} else if certErr != nil {
Expand Down Expand Up @@ -90,12 +90,12 @@ func readCert(certContents []byte) (*x509.Certificate, error) {
return x509.ParseCertificate(block.Bytes)
}

func makeIssuer(keyFile, certFile string) error {
func makeIssuer(keyFile, certFile, commonName string) error {
key, err := makeKey(keyFile)
if err != nil {
return err
}
_, err = makeRootCert(key, certFile)
_, err = makeRootCert(key, certFile, commonName)
if err != nil {
return err
}
Expand Down Expand Up @@ -126,7 +126,7 @@ func makeKey(filename string) (*rsa.PrivateKey, error) {
return key, nil
}

func makeRootCert(key crypto.Signer, filename string) (*x509.Certificate, error) {
func makeRootCert(key crypto.Signer, filename, commonName string) (*x509.Certificate, error) {
serial, err := rand.Int(rand.Reader, big.NewInt(math.MaxInt64))
if err != nil {
return nil, err
Expand All @@ -137,7 +137,7 @@ func makeRootCert(key crypto.Signer, filename string) (*x509.Certificate, error)
}
template := &x509.Certificate{
Subject: pkix.Name{
CommonName: "minica root ca " + hex.EncodeToString(serial.Bytes()[:3]),
CommonName: commonName + " " + hex.EncodeToString(serial.Bytes()[:3]),
},
SerialNumber: serial,
NotBefore: time.Now(),
Expand Down Expand Up @@ -289,6 +289,7 @@ func main2() error {
var caCert = flag.String("ca-cert", "minica.pem", "Root certificate filename, PEM encoded.")
var domains = flag.String("domains", "", "Comma separated domain names to include as Server Alternative Names.")
var ipAddresses = flag.String("ip-addresses", "", "Comma separated IP addresses to include as Server Alternative Names.")
var commonName = flag.String("common-name", "minica root ca", "Root certificate CommonName.")
flag.Usage = func() {
fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
fmt.Fprintf(os.Stderr, `
Expand Down Expand Up @@ -336,7 +337,7 @@ will not overwrite existing keys or certificates.
os.Exit(1)
}
}
issuer, err := getIssuer(*caKey, *caCert)
issuer, err := getIssuer(*caKey, *caCert, *commonName)
if err != nil {
return err
}
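Review bot: In getIssuer the new commonName argument is only forwarded to makeIssuer in the branch where neither the key file nor the certificate file exists, so `-common-name` is silently ignored whenever an existing root is loaded, and an operator may believe the root carries a name it does not. The flag's help text should say so and also mention the hex suffix that makeRootCert still appends, for example `"CommonName prefix for a newly generated root certificate; a short hex suffix is appended. Ignored if the root already exists."`. An empty value would yield a CommonName that begins with a space, so main2 could reject it before calling getIssuer with `if *commonName == "" { return fmt.Errorf("-common-name must not be empty") }`. The bodies of getIssuer and main2 continue outside the visible hunks, so a check placed elsewhere would not be visible here.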