Filename: Private: No Yes Filetype: Auto ABAP Sophia Apex Azure CLI Batch Bicep C Cameligo Clojure CoffeeScript C++ C# CSP CSS Cypher Dart Dockerfile ECL Elixir Flow9 FreeMarker2 FreeMarker2 (Angle/Bracket) FreeMarker2 (Angle/Dollar) FreeMarker2 (Auto/Bracket) FreeMarker2 (Auto/Dollar) FreeMarker2 (Bracket/Bracket) FreeMarker2 (Bracket/Dollar) F# Go GraphQL Handlebars Terraform HTML Ini Java JavaScript Julia Kotlin Less Lexon Liquid Lua Modula-3 Markdown MDX MIPS DAX MySQL Objective-C Pascal Pascaligo Perl PostgreSQL PHP Plain text ATS PQ PowerShell Protobuf Pug Python Q# R Razor Redis Redshift ReStructuredText Ruby Rust Small Basic Scala Scheme Sass Shell Solidity SPARQL SQL StructuredText Swift SV Tcl Twig TypeScript TypeSpec Visual Basic V WebGPU Shading Language XML YAML Indentation: Spaces Tabs 1 2 3 4 5 6 7 8 Clone package commands import ( "fmt" "os" "os/exec" "regexp" "strings" "github.com/spf13/cobra" "github.com/tzvetkoff-go/errors" "github.com/tzvetkoff/surreal/pkg/appconfig" ) // NewMkCertCommand ... func NewMkCertCommand() *cobra.Command { configFile := appconfig.DefaultConfigPath force := false cmd := &cobra.Command{ Use: "mkcert <Common Name> [Extra SANs]", Short: "Generates TLS certificates", Args: cobra.MinimumNArgs(1), RunE: func(cmd *cobra.Command, args []string) error { // Load config config, err := appconfig.LoadAppConfig(configFile) if err != nil { return err } // Check if key/cert already exist if _, err := os.Stat(config.ServerConfig.AuthenticationTLSPrivKey); err == nil { if !force { return errors.New("private key %s already exists", config.ServerConfig.AuthenticationTLSPrivKey) } os.Remove(config.ServerConfig.AuthenticationTLSPrivKey) } if _, err := os.Stat(config.ServerConfig.AuthenticationTLSCert); err == nil { if !force { return errors.New("certificate %s already exists", config.ServerConfig.AuthenticationTLSCert) } os.Remove(config.ServerConfig.AuthenticationTLSCert) } reIPv4 := regexp.MustCompile(`^\d+\.\d+\.\d+\.\d+$`) reIPv6 := regexp.MustCompile(`^[0-9A-Fa-f:]+$`) // Common name is always present commonName := args[0] // Build up SANs sans := []string{} for _, arg := range args { if reIPv4.MatchString(arg) { sans = append(sans, "IP:"+arg) } else if reIPv6.MatchString(arg) { sans = append(sans, "IP:"+arg) } else { sans = append(sans, "DNS:"+arg) } } // Create a temporary file for the ECParams tempFile, err := os.CreateTemp("", "ecp") if err != nil { return err } defer os.Remove(tempFile.Name()) tempFile.Close() // Generate SECP384R1 parameters osCmd0 := exec.Command( "openssl", "ecparam", "-name", "secp384r1", "-out", tempFile.Name(), ) if err := osCmd0.Run(); err != nil { return err } // Generate private key and certificate osCmd1 := exec.Command( "openssl", "req", "-x509", "-newkey", "ec:"+tempFile.Name(), "-subj", "/CN="+commonName, "-addext", "subjectAltName="+strings.Join(sans, ","), "-keyout", config.ServerConfig.AuthenticationTLSPrivKey, "-out", config.ServerConfig.AuthenticationTLSCert, "-sha256", "-nodes", "-days", "3650", ) if err := osCmd1.Run(); err != nil { return err } // Great success! fmt.Println("TLS private key written at", config.ServerConfig.AuthenticationTLSPrivKey) fmt.Println("TLS certificate written at", config.ServerConfig.AuthenticationTLSCert) return nil }, } cmd.Flags().BoolP("help", "h", false, "help message") _ = cmd.Flags().MarkHidden("help") cmd.Flags().StringVarP(&configFile, "config", "c", configFile, "Path to config file") cmd.Flags().BoolVarP(&force, "force", "f", force, "Force generation even if files already exist") return cmd } Paste
