SSL证书工具
go get -u github.com/Arvintian/sslutil
#./bin/sslutil
Usage: sslutil -action [-ca] [-ca-key] -cfg -out -prefix
Options:
-action string
the action ca or sign
-ca string
ca pem
-ca-key string
ca key pem
-cfg string
config json file
-out string
cert and cert-key output dir, default current dir (default "workdir/sslutil")
-prefix string
cert and cert-key filename prefix (default "ca")
- ca 生成根证书
- sign 生成签名证书
- 生成签名证书必填,根证书cert pem
- 生成签名证书必填,根证书key pem
- 证书配置json
- 输出目录
- 证书文件前缀
git clone https://github.com/Arvintian/sslutil.git
cd sslutil
make build
./bin/sslutil -action ca -cfg test/ca.json -out pki -prefix ca
cat test/ca.json
{
"country": [
"CN"
],
"organization": [
"k8s"
],
"organizationalUnit": [
"system-root"
],
"province": [
"BeiJing"
],
"locality": [
"BeiJing"
],
"hosts": [
""
],
"years": 10
}
./bin/sslutil -action sign -ca pki/ca-cert.pem -ca-key pki/ca-key.pem -cfg test/server.json -out pki -prefix server
cat test/server.json
{
"country": [
"CN"
],
"organization": [
"k8s"
],
"organizationalUnit": [
"system-server"
],
"province": [
"BeiJing"
],
"locality": [
"BeiJing"
],
"hosts": [
"127.0.0.1",
"localhost"
],
"years": 10
}