Certificates management tool using openssl wrapper pem to create and sign certificates

To install npm install cert-base

Here we're going to create a CA cert, and then use it to sign a cert

/**
 * First we create a CA cert
 */

const cb = new CertBase({
  path: 'path/to/a/folder'
})

cb.createCACert('commonName_for_ca')
  .then(result => {
    console.log(result.key, result.cert)
  })

/**
 * Then we sign a cert using the CA cert
 */

cg.getCertByHost('commonName_for_hostname')
  .then(result => {
    console.log(result.key, result.cert)
  })

const cb = new CertBase({
  path: 'path/to/a/folder',
  subject: {
    country: 'CN',
    organization: 'CertBase',
    organizationUnit: 'CertBase Certification'
  },
  opensslPath: '/path/to/your/openssl'
})

where

• path is the folder path you want to store your certs and keys in, regard it as a cert base
• subject is the subject object used when creating CA cert or signing cert by hostname. The default settings is listed below
• opensslPath is the location of the openssl executable. This is because you may want to use a custom openssl version instead of the system default openssl executable which is the default value of this field

// subject default settings
{
  country: 'CN',
  organization: 'CertBase',
  organizationUnit: 'CertBase Certification'
}

For more subject options and documentations, check here. This is because pem is used inside this package to do all openssl works

cb.createCACert(commonName)
  .then(result => {
    // result object has 2 fields:
    //
    // key : the generated key content
    // cert: the generated cert content
  })

where

• commonName is the commonName field for the CA cert

cb.isCAExist()

returns true or false

Before you call this method, you must have a ca cert generated, or an error will be thrown

cb.getCertByHost(hostname)
  .then(result => {})

where

• hostname is the commonName field for your cert

If you had the same hostname cert generated before, it will use that cert and won't generate a new one

cb.listSignedCerts().then(certs => {
  // certs is an array of signed domains
})

List all self signed certificates, certs is an array like this:

['www.google.com', 'github.com', ...]

cb.removeAllCerts().then()

Removes everything inside the storage directory

cb.removeCert(hostname).then()

Removes a self signed cert with a given name

cb.removeAllSignedCerts().then()

Removes all self signed certs(empty certs directory)

The certs are stored under the folder path the user give when calling the constructor function.

Strorage structure:

cert-path/
  ca/
    ca.crt
    ca.key
  certs/
    domain1/
      domain1.crt
      domain1.key
    domain2/
      domain2.crt
      domain2.key
    ...