minica
minica copied to clipboard
jsha
minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
SANS are allowed to contain more than just domain names and IP addresses. This PR adds the ability to specify email addresses and URIs in the Subject Alternate Name field...
## Issue I generated for a gitea server (running as localhost) the cert and key files using this command ``` minica -ip-addresses 127.0.0.1 -ca-cert localhost.crt -ca-key localhost.key ``` I copied...
If the _XDG_DATA_HOME_ environment variable is set then the root certificate should be generated in `${XDG_DATA_HOME}/minica`. https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html On macOS it should go into `~/Library/Application\ Support/com.jsha.minica` (_XDG_DATA_HOME_ takes preference though). https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/MacOSXDirectories/MacOSXDirectories.html
I suppose main use case for minica is to enable developing projects on local workstation. This means we'll have just one CA key imported into all local browsers, and per-project...
Using the `-macos-be-damned` flag extends certificate validity from the default 2 years and 30 days (the max allowable by Apple stuff) to 100 years, which is useful for insecure applications...
For future releases, could we include pre-compiled binaries? I should have asked earlier rather than wait til I needed it. In lieu of this repo currently shipping binaries, I've created...
I have forked this project and added many new features to https://github.com/ctrlcctrlv/minica2.go. Full list of changes as of 2022-12-17: https://github.com/ctrlcctrlv//minica2.go/compare/jsha...master Major changes: - https://github.com/ctrlcctrlv/minica2.go/commit/e9fbbcbd7d70dfed602c32103cb0849881e82ac0 (Add ability to set org name,...
According to the [README](/README.md) wildcard certs are supported. But I've just tried this and Chrome (at least) gets an error: ``` NET::ERR_CERT_COMMON_NAME_INVALID Subject: *.home.arpa Issuer: minica root ca 44c4c0 Expires...
This PR accomplishes three things - Refactor to allow other go programs to import this as a module - expose the formerly private `getIssuer` and `sign` functions for the same...
