UNPKG

@cto.af/ca

Version:

Testing-only Certificate Authority (CA) for your local development environment ONLY. This is in no way suitable for production of any kind.

github.com/cto-af/ca

cto-af/ca

75 lines (74 loc) 2.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
import type { LogOptions } from '@cto.af/log'; import type rs from 'jsrsasign'; export interface CommonCertOptions { /** * Hostname(s) for cert. Used for subject CN, DNS subjectAltName, or IP * subjectAltName if IP address. If array, the first name will be the CN, * and all names will be added as SANs. */ host?: string | string[]; /** Relative to cwd. */ dir?: string; /** * Minimum number of days the server can run. Ensure the cert will be good * at least this long. */ minRunDays?: number; /** Certificate invalid after this many days, server restart required. */ notAfterDays?: number; /** Always create a new cert, even if one exists and is valid. */ force?: boolean; /** * If true, do not read the key. */ noKey?: boolean; /** * If true, do not write any files. */ temp?: boolean; } export type RequiredCommonCertOptions = Required<CommonCertOptions>; export interface CtoCertOptions { /** * Subject Distinguished Name for CA. */ caSubject?: string; /** CA certificate not valid after this many days. */ caNotAfterDays?: number; /** Minimum number of days left on CA cert. */ caMinRunDays?: number; /** * Minimum number of days the server can run. Ensure the cert will good * at least this long. */ minRunDays?: number; /** Certificate invalid after this many days, server restart required. */ notAfterDays?: number; /** Relative to cwd. */ certDir?: string; /** Relative to cwd. */ caDir?: string; /** Hostname for cert. Used for subject CN, DNS subjectAltName. */ host?: string | string[]; /** Always create a new CA cert, even if one exists and is valid. */ forceCA?: boolean; /** Always create a new certificate, even if one exists and is valid. */ forceCert?: boolean; /** * If true, do not read the key. */ noKey?: boolean; /** * If true, do not write any files. */ temp?: boolean; } export type RequiredCertOptions = Required<CtoCertOptions>; export type CertOptions = CtoCertOptions & LogOptions; export type CommonCertLogOptions = CommonCertOptions & LogOptions; export type AnyKey = rs.RSAKey | rs.KJUR.crypto.DSA | rs.KJUR.crypto.ECDSA; export interface KeyCertNames { certDir: string; keyName: string; certName: string; }