This package is used for signing customized certificates.

Alonza0314/cert-go

cert-go

This package is a Golang library and command-line tool for self-signing certificates.

Development Environment

Type      Version
OS        Ubuntu 22.04.5
Golang    go1.22.5 linux/amd64

Usage

Note

If the target file (certificate, CSR, or private key) already exists, the function does not create it and returns an error immediately: cert/CSR/private key already exists. To replace the existing file, set the overwrite argument.

  1. Prepare the destination directory for the private key, certificate, and CSR. This step is required for all the following steps.

  2. Modify the cfg.yml file to set the appropriate values (you can use the defaultCfg.yml file as your template).

    Click here to see the default configuration file

  3. Import the certgo package in your code.

    import "github.com/Alonza0314/cert-go"

  4. To create a private key, specify the path of the destination file. Then, use this function:

    CreatePrivateKey(keyPath string, privateKeyType constants.PrivateKeyType, overwrite bool) (interface{}, error)

    The return value is the private key as an interface{} whose concrete type depends on the privateKeyType argument. Currently, ECDSA and RSA are supported.

  5. To create a CSR, you need to specify the certificate structure. You can use the ReadYamlFileToStruct function to read the configuration file and convert it to the certificate structure.

    util.ReadYamlFileToStruct(yamlPath string, v interface{}) error

    Then, use this function:

    CreateCsr(cfg model.Certificate, privateKeyType constants.PrivateKeyType, overwrite bool) (*x509.CertificateRequest, error)

    The return value is the CSR in *x509.CertificateRequest type.

    NOTICE:

    • If the private key does not exist, the function automatically creates one by default, based on the privateKeyType argument.

  6. To sign a certificate, specify the YAML file path of the CA configuration. Then, use these functions for the different types of certificates:

    SignRootCertificate(yamlPath string, privateKeyType constants.PrivateKeyType, overwrite bool) (*x509.Certificate, error)
    SignIntermediateCertificate(yamlPath string, privateKeyType constants.PrivateKeyType, overwrite bool) (*x509.Certificate, error)
    SignServerCertificate(yamlPath string, privateKeyType constants.PrivateKeyType, overwrite bool) (*x509.Certificate, error)
    SignClientCertificate(yamlPath string, privateKeyType constants.PrivateKeyType, overwrite bool) (*x509.Certificate, error)

    The return value is the signed certificate in *x509.Certificate type.

    NOTICE:

    • If the private key does not exist, the function automatically creates one by default, based on the privateKeyType argument.
    • If the CSR does not exist, the function automatically creates one by default, based on the privateKeyType argument.

  7. In the end, the private key, certificate, and CSR are expected to be in the destination directory.
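
The "already exists" rule from the Note matters most for CA private keys, where a silent replacement invalidates every certificate issued under the old key. The following is an added example using only the Go standard library; it is not cert-go's code. The helper name writeKeyNoClobber, the 0600 file mode and the use of O_EXCL are assumptions of this sketch, not statements about how cert-go implements the check.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
)

// writeKeyNoClobber is a hypothetical helper, not part of cert-go. It writes a
// new P-256 key as PEM and refuses to replace an existing file unless overwrite is set.
func writeKeyNoClobber(keyPath string, overwrite bool) (*ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.MarshalECPrivateKey(key)
	if err != nil {
		return nil, err
	}
	// O_EXCL makes "check that it is absent" and "create" one atomic step.
	flags := os.O_WRONLY | os.O_CREATE | os.O_EXCL
	if overwrite {
		flags = os.O_WRONLY | os.O_CREATE | os.O_TRUNC
	}
	f, err := os.OpenFile(keyPath, flags, 0o600)
	if os.IsExist(err) {
		return nil, fmt.Errorf("private key already exists: %s", keyPath)
	} else if err != nil {
		return nil, err
	}
	defer f.Close()
	if err := f.Chmod(0o600); err != nil { // an overwritten file would otherwise keep its old mode
		return nil, err
	}
	if err := pem.Encode(f, &pem.Block{Type: "EC PRIVATE KEY", Bytes: der}); err != nil {
		return nil, err
	}
	return key, nil
}

func main() {
	p := os.TempDir() + "/certgo-example.key.pem" // constructed path
	_, err := writeKeyNoClobber(p, true)
	_, err2 := writeKeyNoClobber(p, false)
	fmt.Println("overwrite=true:", err, "| overwrite=false:", err2)
}
```
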

Example

Click here to see the example

Command-Line Tool

Build by Yourself (in root directory)

  • linux-amd64

    make linux_amd64
  • mac-arm64

    make mac_arm64

Then, you can find the executable file in the build directory.

Use Directly

You can download the binary file from the release page and execute it directly.

Go to the release page to download the binary file

Command Line Tool Usage

Click here to see the command line tool usage in detail

About Me

Click here to know more about me