cfssl
cfssl copied to clipboard
cloudflare
CFSSL: Cloudflare's PKI and TLS toolkit
Hi, It looks like this is the only viable option for creating SSL certificates in Golang. I am interested in being a private CA for some IOT devices. I would...
I specified in the JSON file of the CA "server auth" and "client auth"  The "hosts" in the server's CSR file is left blank; I want this certificate to...
Running the following ``` cfssl bundle -ca-bundle /path/ca.pem -int-bundle /path/intermediate_ca.pem -cert /path/web.pem | cfssljson -bare web-full ``` The call returns fine, but nothing is produced. Without piping to cfssljon I...
I generated my self-signed CA by `cfssl gencert -initca`, but the default term of validity is 5 years. How can I modify it to 10 years ? I don’t want...
normalizeURL used to break URLs with path by rewriting their host part and it would also panic on "IP:Port" strings. I've refactored that to utilize urlx.Parse and also added a...
### Context Creating a certificate authority using a two-tier key heirarchy. Root here is used ONLY to generate a new CA, and is stored in a 'secure' location *under my...
Hi, thank you very much for this super helpful library! I was wondering whether it is easily possible to create an own go web server that uses the cfssl instead...
This PR adds support for [RFC 5280 5.2.1.10 CA Name Constraints](https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10).
I'm trying to query Prometheus metrics from `cfssl serve` process, but get `404 page not found`. I tried both `/metrics` and `/api/v1/cfssl/metrics`. The request is not logged by `cfssl` even...
similar fix as https://github.com/cloudflare/cfssl/pull/996/files#diff-bce1e9ac488e338e3aa3534151936e9f6e852a224ce9c9cb5e3f55529ca2fb76 is likely needed. Even better would be if they were ephemeral - generated during the tests.
