csr.go
package csr
import (
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"

	"github.com/johanbrandhorst/certify"
	"github.com/johanbrandhorst/certify/internal/keys"
)
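// FromCertConfig creates a CSR and private key from the input config and common name.
// It returns the CSR and the private key, in that order, both in PEM format.
//
// conf and conf.KeyGenerator must be non-nil; an error is returned otherwise
// instead of dereferencing a nil config.
//
// commonName is set only as the Subject CN of the request. The DNS, IP and URI
// SANs are copied from conf unchanged, so any name a verifier has to match
// must be listed in conf; the CN is not added to the SANs here.
//
// The second return value is private key material as encoded by keys.Marshal.
// This function applies no encryption of its own, so callers should handle it
// as a secret: keep it out of logs and restrict where it is stored.
func FromCertConfig(commonName string, conf *certify.CertConfig) ([]byte, []byte, error) {
	// A key cannot be generated without a config, so reject nil up front
	// rather than panicking on conf.KeyGenerator below.
	if conf == nil || conf.KeyGenerator == nil {
		return nil, nil, errors.New("csr: cert config with a key generator is required")
	}

	pk, err := conf.KeyGenerator.Generate()
	if err != nil {
		return nil, nil, err
	}

	keyPEM, err := keys.Marshal(pk)
	if err != nil {
		return nil, nil, err
	}

	template := &x509.CertificateRequest{
		Subject: pkix.Name{
			CommonName: commonName,
		},
		DNSNames:    conf.SubjectAlternativeNames,
		IPAddresses: conf.IPSubjectAlternativeNames,
		URIs:        conf.URISubjectAlternativeNames,
	}

	// The request is signed with the freshly generated key, using the
	// system CSPRNG for any randomness the signature scheme needs.
	csr, err := x509.CreateCertificateRequest(rand.Reader, template, pk)
	if err != nil {
		return nil, nil, err
	}

	csrPEM := pem.EncodeToMemory(&pem.Block{
		Type:  "CERTIFICATE REQUEST",
		Bytes: csr,
	})

	return csrPEM, keyPEM, nil
}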