Certificates management tool using openssl wrapper pem to create and sign certificates
To install npm install cert-base
Here we're going to create a CA cert, and then use it to sign a cert
/**
* First we create a CA cert
*/
const cb = new CertBase({
path: 'path/to/a/folder'
})
cb.createCACert('commonName_for_ca')
.then(result => {
console.log(result.key, result.cert)
})
/**
* Then we sign a cert using the CA cert
*/
cg.getCertByHost('commonName_for_hostname')
.then(result => {
console.log(result.key, result.cert)
})
const cb = new CertBase({
path: 'path/to/a/folder',
subject: {
country: 'CN',
organization: 'CertBase',
organizationUnit: 'CertBase Certification'
},
opensslPath: '/path/to/your/openssl'
})
where
- path is the folder path you want to store your certs and keys in, regard it as a cert base
- subject is the subject object used when creating CA cert or signing cert by hostname. The default settings is listed below
- opensslPath is the location of the
openssl
executable. This is because you may want to use a custom openssl version instead of the system defaultopenssl
executable which is the default value of this field
// subject default settings
{
country: 'CN',
organization: 'CertBase',
organizationUnit: 'CertBase Certification'
}
For more subject options and documentations, check here. This is because pem is used inside this package to do all openssl works
cb.createCACert(commonName)
.then(result => {
// result object has 2 fields:
//
// key : the generated key content
// cert: the generated cert content
})
where
- commonName is the commonName field for the CA cert
cb.isCAExist()
returns true
or false
Before you call this method, you must have a ca cert generated, or an error will be thrown
cb.getCertByHost(hostname)
.then(result => {})
where
- hostname is the commonName field for your cert
If you had the same hostname cert generated before, it will use that cert and won't generate a new one
cb.listSignedCerts().then(certs => {
// certs is an array of signed domains
})
List all self signed certificates, certs
is an array like this:
['www.google.com', 'github.com', ...]
cb.removeAllCerts().then()
Removes everything inside the storage directory
cb.removeCert(hostname).then()
Removes a self signed cert with a given name
cb.removeAllSignedCerts().then()
Removes all self signed certs(empty certs
directory)
The certs are stored under the folder path the user give when calling the constructor function.
Strorage structure:
cert-path/
ca/
ca.crt
ca.key
certs/
domain1/
domain1.crt
domain1.key
domain2/
domain2.crt
domain2.key
...