MCPcopy
hub / github.com/jackc/pgx / main

Function main

testsetup/generate_certs.go:18–118  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

16)
17
18func main() {
19 // Create the CA
20 ca := &x509.Certificate{
21 SerialNumber: big.NewInt(1),
22 Subject: pkix.Name{
23 CommonName: "pgx-root-ca",
24 },
25 NotBefore: time.Now(),
26 NotAfter: time.Now().AddDate(20, 0, 0),
27 IsCA: true,
28 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
29 KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
30 BasicConstraintsValid: true,
31 }
32
33 caKey, err := rsa.GenerateKey(rand.Reader, 4096)
34 if err != nil {
35 panic(err)
36 }
37
38 caBytes, err := x509.CreateCertificate(rand.Reader, ca, ca, &caKey.PublicKey, caKey)
39 if err != nil {
40 panic(err)
41 }
42
43 err = writePrivateKey("ca.key", caKey)
44 if err != nil {
45 panic(err)
46 }
47
48 err = writeCertificate("ca.pem", caBytes)
49 if err != nil {
50 panic(err)
51 }
52
53 // Create a server certificate signed by the CA for localhost.
54 serverCert := &x509.Certificate{
55 SerialNumber: big.NewInt(2),
56 Subject: pkix.Name{
57 CommonName: "localhost",
58 },
59 DNSNames: []string{"localhost"},
60 IPAddresses: []net.IP{net.IPv4(127, 0, 0, 1), net.IPv6loopback},
61 NotBefore: time.Now(),
62 NotAfter: time.Now().AddDate(20, 0, 0),
63 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
64 KeyUsage: x509.KeyUsageDigitalSignature,
65 }
66
67 serverCertPrivKey, err := rsa.GenerateKey(rand.Reader, 2048)
68 if err != nil {
69 panic(err)
70 }
71
72 serverBytes, err := x509.CreateCertificate(rand.Reader, serverCert, ca, &serverCertPrivKey.PublicKey, caKey)
73 if err != nil {
74 panic(err)
75 }

Callers

nothing calls this directly

Calls 3

writePrivateKeyFunction · 0.85
writeCertificateFunction · 0.85
writeEncryptedPrivateKeyFunction · 0.85

Tested by

no test coverage detected