From 655bd13af0db99d6eca75cf8c69f3ecc36673ad6 Mon Sep 17 00:00:00 2001
From: Dawid 'DeyV' Polak
Date: Tue, 11 Aug 2020 11:45:26 +0200
Subject: [PATCH] Add optional -common-name flag
---
 main.go | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/main.go b/main.go
index 9734969..e2210cf 100644
--- a/main.go
+++ b/main.go
@@ -36,15 +36,15 @@ type issuer struct {
 cert *x509.Certificate
 }
-func getIssuer(keyFile, certFile string) (*issuer, error) {
+func getIssuer(keyFile, certFile, commonName string) (*issuer, error) {
 keyContents, keyErr := ioutil.ReadFile(keyFile)
 certContents, certErr := ioutil.ReadFile(certFile)
 if os.IsNotExist(keyErr) && os.IsNotExist(certErr) {
- err := makeIssuer(keyFile, certFile)
+ err := makeIssuer(keyFile, certFile, commonName)
 if err != nil {
 return nil, err
 }
- return getIssuer(keyFile, certFile)
+ return getIssuer(keyFile, certFile, commonName)
 } else if keyErr != nil {
 return nil, fmt.Errorf("%s (but %s exists)", keyErr, certFile)
 } else if certErr != nil {
@@ -90,12 +90,12 @@ func readCert(certContents []byte) (*x509.Certificate, error) {
 return x509.ParseCertificate(block.Bytes)
 }
-func makeIssuer(keyFile, certFile string) error {
+func makeIssuer(keyFile, certFile, commonName string) error {
 key, err := makeKey(keyFile)
 if err != nil {
 return err
 }
- _, err = makeRootCert(key, certFile)
+ _, err = makeRootCert(key, certFile, commonName)
 if err != nil {
 return err
 }
@@ -126,7 +126,7 @@ func makeKey(filename string) (*rsa.PrivateKey, error) {
 return key, nil
 }
-func makeRootCert(key crypto.Signer, filename string) (*x509.Certificate, error) {
+func makeRootCert(key crypto.Signer, filename, commonName string) (*x509.Certificate, error) {
 serial, err := rand.Int(rand.Reader, big.NewInt(math.MaxInt64))
 if err != nil {
 return nil, err
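Review bot: In getIssuer, `commonName` only reaches `makeIssuer` on the branch where neither file exists; when an existing key and certificate are loaded, the value given with `-common-name` is dropped without any message. An operator who passes the flag against an existing `minica.pem` may assume the root carries the requested name when it does not. I would document this on the function, e.g. `// commonName is used only when a new root is generated; it is ignored if keyFile and certFile already exist.`, and repeat it in the flag's help text in main2. getIssuer's body continues past the end of this hunk.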
@@ -137,7 +137,7 @@ func makeRootCert(key crypto.Signer, filename string) (*x509.Certificate, error)
 }
 template := &x509.Certificate{
 Subject: pkix.Name{
- CommonName: "minica root ca " + hex.EncodeToString(serial.Bytes()[:3]),
+ CommonName: commonName + " " + hex.EncodeToString(serial.Bytes()[:3]),
 },
 SerialNumber: serial,
 NotBefore: time.Now(),
@@ -289,6 +289,7 @@ func main2() error {
 var caCert = flag.String("ca-cert", "minica.pem", "Root certificate filename, PEM encoded.")
 var domains = flag.String("domains", "", "Comma separated domain names to include as Server Alternative Names.")
 var ipAddresses = flag.String("ip-addresses", "", "Comma separated IP addresses to include as Server Alternative Names.")
+ var commonName = flag.String("common-name", "minica root ca", "Root certificate CommonName.")
 flag.Usage = func() {
 fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
 fmt.Fprintf(os.Stderr, `
@@ -336,7 +337,7 @@ will not overwrite existing keys or certificates.
 os.Exit(1)
 }
 }
- issuer, err := getIssuer(*caKey, *caCert)
+ issuer, err := getIssuer(*caKey, *caCert, *commonName)
 if err != nil {
 return err
 }
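Review bot: The new `CommonName: commonName + " " + hex.EncodeToString(...)` line in makeRootCert uses the flag value unchecked, so `-common-name ""` yields a subject that starts with a space, and a long value plus the 7-character suffix can exceed the 64-character upper bound that RFC 5280 sets for CommonName, which some validators and linters enforce. A guard ahead of the template, along the lines of `if commonName == "" || len(commonName) > 57 { return nil, fmt.Errorf("common name must be 1-57 bytes") }`, would fail early instead of writing a root that clients may reject. The help string added in main2 should also say that a suffix is appended, e.g. `"Root certificate CommonName; a short hex suffix is appended."`. makeRootCert starts and ends outside this hunk.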