Categorygithub.com/b-sn/x509wrapper
repositorypackage
1.0.1
Repository: https://github.com/b-sn/x509wrapper.git
Documentation: pkg.go.dev
Overview
Dependencies
14
Dependents
0

# README

This module is a wrapper for the crypto/x509 module. It helps to create and sign all certificates required for mTLS connections.

Possible usage for creating new CA certificate:

import (
	"crypto/x509/pkix"
	"time"

	"github.com/b-sn/x509wrapper"
)

CACert := x509wrapper.NewCert("CA", "./certs")

// Add new CA cert and private key
if err := CACert.AddCertAndKey(x509wrapper.PrepareCA(
	pkix.Name{
		…
	},
	time.Now(),
	time.Now().AddDate(1, 0, 0)), 4096,
); err != nil {
	Fatal("Problem with new CA certificate: %v", err)
}

// Save CA certificate
if err := CACert.Save(nil); err != nil {
	Fatal("Problem with saving CA certificate: %v", err)
}

To load existing certificate:

Cert := x509wrapper.NewCert("Cert name", "./certs")
if err := Cert.Load(); err != nil {
	Fatal("Problem with loading certificate: %v", err)
}

To create a new certificate and sign with CA:

newCert := x509wrapper.NewCert("Server cert", "./certs")

// Create new certificate
if err := newCertWrap.AddCertAndKey(x509wrapper.PrepareCert(
	pkix.Name{
		…
	},
	[]string{DNS},
	time.Now(),
	time.Now().AddDate(1, 0, 0)), 2048,
); err != nil {
	Fatal("Make new Certificate error: %v", err)
}

// Use CACert to sign new certificate before saving
if err := newCertWrap.Save(CACert); err != nil {
	Fatal("Save new Certificate error: %v", err)
}