cert-base
v1.1.1
Published
Certificates generator and manager
Downloads
2
Readme
cert-base
Certificates management tool using openssl wrapper pem to create and sign certificates
To install npm install cert-base
Usage
Here we're going to create a CA cert, and then use it to sign a cert
/**
* First we create a CA cert
*/
const cb = new CertBase({
path: 'path/to/a/folder'
})
cb.createCACert('commonName_for_ca')
.then(result => {
console.log(result.key, result.cert)
})
/**
* Then we sign a cert using the CA cert
*/
cg.getCertByHost('commonName_for_hostname')
.then(result => {
console.log(result.key, result.cert)
})
API Documentations
Constructor options
const cb = new CertBase({
path: 'path/to/a/folder',
subject: {
country: 'CN',
organization: 'CertBase',
organizationUnit: 'CertBase Certification'
},
opensslPath: '/path/to/your/openssl'
})
where
- path is the folder path you want to store your certs and keys in, regard it as a cert base
- subject is the subject object used when creating CA cert or signing cert by hostname. The default settings is listed below
- opensslPath is the location of the
openssl
executable. This is because you may want to use a custom openssl version instead of the system defaultopenssl
executable which is the default value of this field
// subject default settings
{
country: 'CN',
organization: 'CertBase',
organizationUnit: 'CertBase Certification'
}
For more subject options and documentations, check here. This is because pem is used inside this package to do all openssl works
Create a CA cert
cb.createCACert(commonName)
.then(result => {
// result object has 2 fields:
//
// key : the generated key content
// cert: the generated cert content
})
where
- commonName is the commonName field for the CA cert
Check if CA cert exist
cb.isCAExist()
returns true
or false
Sign a cert by hostname
Before you call this method, you must have a ca cert generated, or an error will be thrown
cb.getCertByHost(hostname)
.then(result => {})
where
- hostname is the commonName field for your cert
If you had the same hostname cert generated before, it will use that cert and won't generate a new one
List all self signed certs
cb.listSignedCerts().then(certs => {
// certs is an array of signed domains
})
List all self signed certificates, certs
is an array like this:
['www.google.com', 'github.com', ...]
Remove all certs
cb.removeAllCerts().then()
Removes everything inside the storage directory
Remove cert by hostname
cb.removeCert(hostname).then()
Removes a self signed cert with a given name
Remove all signed certs
cb.removeAllSignedCerts().then()
Removes all self signed certs(empty certs
directory)
About how certs are stored
The certs are stored under the folder path the user give when calling the constructor function.
Strorage structure:
cert-path/
ca/
ca.crt
ca.key
certs/
domain1/
domain1.crt
domain1.key
domain2/
domain2.crt
domain2.key
...