makePEM creates a self-signed RSA certificate as two PEM blocks. taken from crypto/tls/generate_cert.go
(host string, validFor time.Duration)
| 698 | // makePEM creates a self-signed RSA certificate as two PEM blocks. |
| 699 | // taken from crypto/tls/generate_cert.go |
| 700 | func makePEM(host string, validFor time.Duration) (certPEM, keyPEM []byte) { |
| 701 | const bits = 1024 |
| 702 | priv, err := rsa.GenerateKey(rand.Reader, bits) |
| 703 | if err != nil { |
| 704 | panic("Failed to generate private key: " + err.Error()) |
| 705 | } |
| 706 | |
| 707 | template := x509.Certificate{ |
| 708 | SerialNumber: big.NewInt(1), |
| 709 | Subject: pkix.Name{ |
| 710 | Organization: []string{"Fabio Co"}, |
| 711 | }, |
| 712 | NotBefore: time.Now(), |
| 713 | NotAfter: time.Now().Add(validFor), |
| 714 | IsCA: true, |
| 715 | DNSNames: []string{host}, |
| 716 | KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, |
| 717 | ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, |
| 718 | BasicConstraintsValid: true, |
| 719 | } |
| 720 | |
| 721 | derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv) |
| 722 | if err != nil { |
| 723 | panic("Failed to create certificate: " + err.Error()) |
| 724 | } |
| 725 | |
| 726 | var cert, key bytes.Buffer |
| 727 | pem.Encode(&cert, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) |
| 728 | pem.Encode(&key, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)}) |
| 729 | return cert.Bytes(), key.Bytes() |
| 730 | } |
| 731 | |
| 732 | func makeCert(host string, validFor time.Duration) tls.Certificate { |
| 733 | certPEM, keyPEM := makePEM(host, validFor) |
no test coverage detected