profile
viewpoint
Martijn van Maasakkers mvmaasakkers Newest Industry Rotterdam, the Netherlands http://vanmaasakkers.net/

mvmaasakkers/certificates 18

An opinionated helper for generating tls certificates

mvmaasakkers/go-problemdetails 6

Problem json implementation (https://tools.ietf.org/html/rfc7807) package for go

mvmaasakkers/gohttptestmongodb 4

Writing integration tests with MongoDB support

mvmaasakkers/ark-go 0

Ark GO client for ARK.io blockchain ecosystem #golang #ark #blockchain

mvmaasakkers/docker-protobuf 0

All inclusive Protocol Buffer and gRPC suite, powered by Docker and Alpine

created tagmvmaasakkers/certificates

tagv0.6.0

An opinionated helper for generating tls certificates

created time in 2 months

push eventmvmaasakkers/certificates

Martijn van Maasakkers

commit sha 7df03f32f59289e0bd4e786ec36c1b708b9315a9

Added external csr signing option, fixes #23

view details

push time in 2 months

Pull request review commentmvmaasakkers/certificates

Added external csr signing option

 func (req *Request) GetPKIXName() pkix.Name { 	return name } +// ReadCSR reads csr into a x509.CertificateRequest and converts it into a Request+func ReadCSR(csrFile []byte) (*Request, error) {+	block, _ := pem.Decode(csrFile)+	if block == nil || block.Type != "CERTIFICATE REQUEST" {+		return nil, fmt.Errorf("failed to decode PEM block containing certificate request")+	}++	csr, err :=  x509.ParseCertificateRequest(block.Bytes)+	if err != nil {+		return nil, err+	}++	request := NewRequest()+	if len(csr.Subject.Organization) > 0 {+		request.Organization = csr.Subject.Organization[0]+	}+	if len(csr.Subject.Country) > 0 {+		request.Country = csr.Subject.Country[0]+	}+	if len(csr.Subject.Province) > 0 {+		request.Province = csr.Subject.Province[0]+	}+	if len(csr.Subject.Locality) > 0 {+		request.Locality = csr.Subject.Locality[0]+	}+	if len(csr.Subject.StreetAddress) > 0 {+		request.StreetAddress = csr.Subject.StreetAddress[0]+	}+	if len(csr.Subject.PostalCode) > 0 {+		request.PostalCode = csr.Subject.PostalCode[0]+	}+	request.CommonName = csr.Subject.CommonName+	request.NameSerialNumber = csr.Subject.SerialNumber+	request.SubjectAltNames = csr.DNSNames++	if request.SerialNumber == nil {+		randInt, err := GenerateRandomBigInt()+		if err != nil {+			return nil, err+		}++		request.SerialNumber = randInt+	}

I think requester might provide their own serial number. This might be handy especially if you use cert as a package implementation and not as a CLI tool.

mvmaasakkers

comment created time in 3 months

create barnchmvmaasakkers/certificates

branch : feature/external_csr_sign_support

created branch time in 3 months

more