MiniCA is a LAB-ONLY (Don't use this in production systems or untrusted networks!) CA made for use with my other project FakerNet. It has simple web interface than can be easily scripted with Python for curl. POST a CSR csrfile
and the CA private key password password
(for some form of authentication) you get a signed certificate.
Password is auto-generated an in the ./certs/ca.pass
file. Keep this safe.
Example:
curl --cacert ./certs/ca.crt -F [email protected] -F password=<PASSWORD> https://localhost:8443
The CA cert is available at /static/certs/fakernet-ca.crt
or /static/certs/fakernet-ca.p7b
on the web server.
Certs are stored in the ./certs/
directory.
Thanks to these pages for help:
- Create a PKI in GoLang
- How to use an encrypted private key with golang ssh - StackOverflow
- Golang RSA encrypt and decrypt example
- Using encrypted private keys with Golang HTTPS server
- How create rsa private key with passphrase in golang - StackOverflow
- Signing certificate request with certificate authority - StackOverflow
- Go: How do I add an extension (subjectAltName) to a x509.Certificate? - StackOverflow