Difference between revisions of "Go openssl http api"
Jump to navigation
Jump to search
(Created page with "``` package main import ( "fmt" "io/ioutil" "net/http" "os" "os/exec" "github.com/labstack/echo/v4" ) func main() { e := echo.New() e.POST("/generate-certificate",...") |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | ``` | ||
| + | openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -subj "/CN=example.com" -addext "subjectAltName = DNS:example.com,DNS:www.example.com,IP:192.168.1.2" | ||
| + | |||
| + | |||
| + | ``` | ||
| + | |||
| + | ``` | ||
| + | openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -subj "/CN=example.com" -addext "extendedKeyUsage = clientAuth" | ||
| + | |||
| + | ``` | ||
| + | |||
| + | ``` | ||
| + | serverAuth: This indicates that the certificate can be used for server authentication. | ||
| + | clientAuth: This indicates that the certificate can be used for client authentication. | ||
| + | codeSigning: This indicates that the certificate can be used for code signing. | ||
| + | emailProtection: This indicates that the certificate can be used for email protection (S/MIME). | ||
| + | timeStamping: This indicates that the certificate can be used for timestamping. | ||
| + | ocspSigning: This indicates that the certificate can be used for OCSP (Online Certificate Status Protocol) signing. | ||
| + | anyExtendedKeyUsage: This indicates that the certificate can be used for any extended key usage purpose. | ||
| + | You can specify multiple usages by separating them with commas in the extendedKeyUsage extension field. For example, to allow both server authentication and client authentication, you would use extendedKeyUsage = serverAuth,clientAuth. | ||
| + | ``` | ||
| + | |||
``` | ``` | ||
package main | package main | ||
Latest revision as of 15:07, 4 May 2024
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -subj "/CN=example.com" -addext "subjectAltName = DNS:example.com,DNS:www.example.com,IP:192.168.1.2"
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -subj "/CN=example.com" -addext "extendedKeyUsage = clientAuth"
serverAuth: This indicates that the certificate can be used for server authentication. clientAuth: This indicates that the certificate can be used for client authentication. codeSigning: This indicates that the certificate can be used for code signing. emailProtection: This indicates that the certificate can be used for email protection (S/MIME). timeStamping: This indicates that the certificate can be used for timestamping. ocspSigning: This indicates that the certificate can be used for OCSP (Online Certificate Status Protocol) signing. anyExtendedKeyUsage: This indicates that the certificate can be used for any extended key usage purpose. You can specify multiple usages by separating them with commas in the extendedKeyUsage extension field. For example, to allow both server authentication and client authentication, you would use extendedKeyUsage = serverAuth,clientAuth.
package main
import (
"fmt"
"io/ioutil"
"net/http"
"os"
"os/exec"
"github.com/labstack/echo/v4"
)
func main() {
e := echo.New()
e.POST("/generate-certificate", func(c echo.Context) error {
// Generate a self-signed certificate using OpenSSL
cmd := exec.Command("openssl", "req", "-x509", "-newkey", "rsa:4096", "-keyout", "key.pem", "-out", "cert.pem", "-days", "365", "-subj", "/CN=example.com")
output, err := cmd.CombinedOutput()
if err != nil {
return c.String(http.StatusInternalServerError, fmt.Sprintf("Error generating certificate: %s", err))
}
return c.String(http.StatusOK, fmt.Sprintf("Certificate generated successfully:\n%s", output))
})
e.GET("/get-certificate/:filename", func(c echo.Context) error {
// Serve generated certificate files
filename := c.Param("filename")
c.Response().Header().Set(echo.HeaderContentType, "application/x-pem-file")
return c.File(filename)
})
e.Start(":8080")
}