herolib/lib/crypt/openssl/generate_ca.v

module openssl
import incubaid.herolib.builder
import json
// Named arguments for a CA / self-signed certificate generation request.
// NOTE(review): generate_ca below is declared with a parameter of type
// OpenSSLGenerateArgs, not this struct — confirm which type callers pass.
@[params]
pub struct OpenSSLCAGenerateArgs {
	name   string = 'default' // name of the key/cert set to create
	domain string = 'myregistry.domain.com' // used as CN and subjectAltName of the certificate
	reset  bool // not read in this file; presumably consumed by ossl.new — confirm
}
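// generate_ca creates an RSA-4096 key and a self-signed certificate for
// args.domain, writes them to the key/cert paths chosen by ossl.new, records
// the hex hash on the key object and persists the object as JSON.
//
// Parameters:
//   args - generation arguments (signature type kept as OpenSSLGenerateArgs so
//          existing callers keep compiling; the struct declared in this file is
//          named OpenSSLCAGenerateArgs — NOTE(review): confirm which is intended).
// Returns the populated OpenSSLKey, or an error when the domain is shorter than
// 6 characters, contains a character that is not valid in a hostname, or any
// openssl / file step fails.
//
// Security notes:
//   - args.domain is interpolated into a shell command line that node.exec runs.
//     It is restricted to [A-Za-z0-9.-] first, so a caller-supplied value cannot
//     close the -subj/-addext quoting or add extra RDNs with '/'.
//   - The private key is written unencrypted (-nodes); this function does not
//     tighten file permissions on r.path_key.path.
//   - No basicConstraints extension is requested. Whether the result carries
//     CA:TRUE depends on the OpenSSL version and its default extensions —
//     NOTE(review): confirm before relying on the output as a CA certificate.
//   - -addext needs OpenSSL 1.1.1 or newer.
pub fn (mut ossl OpenSSL) generate_ca(args OpenSSLGenerateArgs) !OpenSSLKey {
	mut r := ossl.new(args)!
	if r.domain.len < 6 {
		return error('need to give domain and needs to be bigger than 6 chars. \n${r}')
	}
	// Reject shell metacharacters (quotes, $, ;, backticks, newlines, ...) before
	// the value is spliced into the command string below.
	for c in args.domain {
		if !(c.is_alnum() || c == `.` || c == `-`) {
			return error('domain contains a character that is not allowed in a hostname: ${args.domain}')
		}
	}
	mut b := builder.new()!
	mut node := b.node_local()!
	// Only this self-signed key/cert pair feeds the returned object. The earlier
	// version additionally ran an unrelated CA + server-cert recipe with a fixed
	// CN that dropped unencrypted keys into the working directory and /tmp/w;
	// nothing returned depended on it, so it has been removed.
	// The output paths come from ossl.new (not the caller) and are double-quoted
	// so a path containing spaces does not split the command.
	cmd := '
	openssl req -newkey rsa:4096 -nodes -sha256 -keyout "${r.path_key.path}" -addext "subjectAltName = DNS:${args.domain}" -subj "/C=BE/ST=Ghent/L=Something/O=Global Security/OU=IT Department/CN=${args.domain}" -x509 -days 365 -out "${r.path_cert.path}"
	'
	node.exec(cmd: cmd)!
	r.hexhash()!
	// Persist the key object's metadata as JSON next to the key material.
	// NOTE(review): json.encode(r) serialises whatever OpenSSLKey holds — confirm
	// it does not include the private key bytes themselves.
	s := json.encode(r)
	r.path_json.write(s)!
	return r
}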