MCPcopy Index your code
hub / github.com/coder/coder / generateSelfSignedCertificate

Function generateSelfSignedCertificate

cli/server.go:1722–1747  ·  view source on GitHub ↗

generateSelfSignedCertificate creates an unsafe self-signed certificate at random that allows users to proceed with setup in the event they haven't configured any TLS certificates.

()

Source from the content-addressed store, hash-verified

1720// at random that allows users to proceed with setup in the event they
1721// haven't configured any TLS certificates.
1722func generateSelfSignedCertificate() (*tls.Certificate, error) {
1723 privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
1724 if err != nil {
1725 return nil, err
1726 }
1727 template := x509.Certificate{
1728 SerialNumber: big.NewInt(1),
1729 NotBefore: time.Now(),
1730 NotAfter: time.Now().Add(time.Hour * 24 * 180),
1731
1732 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
1733 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
1734 BasicConstraintsValid: true,
1735 IPAddresses: []net.IP{net.ParseIP("127.0.0.1")},
1736 }
1737
1738 derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &privateKey.PublicKey, privateKey)
1739 if err != nil {
1740 return nil, err
1741 }
1742
1743 var cert tls.Certificate
1744 cert.Certificate = append(cert.Certificate, derBytes)
1745 cert.PrivateKey = privateKey
1746 return &cert, nil
1747}
1748
1749// defaultCipherSuites is a list of safe cipher suites that we default to. This
1750// is different from Golang's list of defaults, which unfortunately includes

Callers 1

configureServerTLSFunction · 0.85

Calls 1

AddMethod · 0.65

Tested by

no test coverage detected