src/pkg/crypto/tls/examples/generate_cert.go - Issue 1684051: code review 1684051: crypto/tls, http: Make HTTPS servers easier.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Side by Side Diff: src/pkg/crypto/tls/examples/generate_cert.go

Issue 1684051: code review 1684051: crypto/tls, http: Make HTTPS servers easier. (Closed)

Patch Set: code review 1684051: crypto/tls, http/https: Make HTTPS servers easier. Created 14 years, 9 months ago

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Generate a self-signed X.509 certificate for a TLS server.
	adg 2010/07/01 22:08:23 Should mention that cert.pem and key.pem will be [ Should mention that cert.pem and key.pem will be [over-]written. agl1 2010/07/01 22:11:42 Done. Show quoted text On 2010/07/01 22:08:23, adg wrote: > Should mention that cert.pem and key.pem will be [over-]written. > > Done.
	2

	3 package main

	4

	5 import (

	6 "crypto/rsa"

	7 "crypto/x509"

	8 "encoding/pem"

	9 "fmt"

	10 "log"

	11 "os"

	12 "time"

	13 )

	14

	15 func main() {

	16 if len(os.Args) != 2 {

	17 fmt.Printf("Usage: %s <hostname of server>\n", os.Args[0])

	18 return

	19 }

	20

	21 hostName := os.Args[1]

	22

	23 urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0)

	24 if err != nil {

	25 log.Crashf("failed to open /dev/urandom: %s\n", err)

	26 return

	27 }

	28

	29 log.Stdoutf("Generating RSA key\n")

	30 priv, err := rsa.GenerateKey(urandom, 1024)

	31 if err != nil {

	32 log.Crashf("failed to generate private key: %s\n", err)

	33 return

	34 }

	35

	36 now := time.Seconds()

	37

	38 template := x509.Certificate{

	39 SerialNumber: []byte{0},

	40 Subject: x509.Name{

	41 CommonName: hostName,

	42 Organization: "Acme Co",

	43 },

	44 NotBefore: time.SecondsToUTC(now - 300),

	45 NotAfter: time.SecondsToUTC(now + 86400*365), // valid for 1 ye ar.

	46

	47 SubjectKeyId: []byte{1, 2, 3, 4},

	48 KeyUsage: x509.KeyUsageKeyEncipherment \| x509.KeyUsageDigita lSignature,

	49 }

	50

	51 derBytes, err := x509.CreateCertificate(urandom, &template, &template, & priv.PublicKey, priv)

	52 if err != nil {

	53 log.Crashf("Failed to create certificate: %s", err)

	54 return

	55 }

	56

	57 certOut, err := os.Open("cert.pem", os.O_WRONLY\|os.O_CREAT, 0644)

	58 if err != nil {

	59 log.Crashf("failed to open cert.pem for writing: %s\n", err)

	60 return

	61 }

	62 pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})

	63 certOut.Close()

	64 log.Stdoutf("written cert.pem\n")

	65

	66 keyOut, err := os.Open("key.pem", os.O_WRONLY\|os.O_CREAT, 0600)

	67 if err != nil {

	68 log.Crashf("failed to open key.pem for writing: %s\n", err)

	69 return

	70 }

	71 pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.Marsh alPKCS1PrivateKey(priv)})

	72 keyOut.Close()

	73 log.Stdoutf("written key.pem\n")

	74 }

OLD	NEW

« no previous file with comments | « no previous file | src/pkg/crypto/tls/examples/server.go » ('j') | src/pkg/http/https/https.go » ('J')