Skip to content

Latest commit

 

History

History
28 lines (24 loc) · 1.44 KB

x509.md

File metadata and controls

28 lines (24 loc) · 1.44 KB
Raw

x509

In cryptography, X.509 is an ITU standard defining the format of public key certificates.

Generate x509 certificate

const opts = {
    altNameIPs: ['127.0.0.1', '55.77.55.77'],
    altNameURIs: ['http://localhost', 'https://test.com'],
    validityDays: 300,
    length: 2048,
    data: {
        commonName: 'my.test.com',
        stateOrProvinceName: 'Barcelona',
        countryName: 'ES',
        localityName: 'Barcelona',
        organizationName: 'Aircraft',
        organizationNameShort: 'TesTas'
    }
};
const cert = await KsCryp.generate("x509", opts);

const fs = require("fs");
fs.writeFileSync("x509-cert.pem", cert.publicKey);
fs.writeFileSync("x509-key.pem", cert.privateKey);

X.509 certificates bind an identity to a public key using a digital signature. In the X.509 system, there are two types of certificates. The first is a CA certificate. The second is an end-entity certificate. A CA certificate can issue other certificates. The top level, self-signed CA certificate is sometimes called the Root CA certificate. Other CA certificates are called intermediate CA or subordinate CA certificates. An end-entity certificate identifies the user, like a person, organization or business. An end-entity certificate cannot issue other certificates. An end-entity certificate is sometimes called a leaf certificate since no other certificates can be issued below it.