UNPKG

@interopio/gateway-server

Version:

[![npm version](https://img.shields.io/npm/v/@interopio/gateway-server.svg)](https://www.npmjs.com/package/@interopio/gateway-server)

48 lines (41 loc) 1.58 kB
import type { RSAKey, KJUR } from 'jsrsasign'; /** * CA private key type - can be a PEM string or a jsrsasign key object */ type CAPrivateKey = string | RSAKey | KJUR.crypto.DSA | KJUR.crypto.ECDSA; /** * Default Common Name for the root CA certificate. */ export const DEFAULT_CA_NAME: string; /** * Generate a root Certificate Authority (CA) certificate. * * @param options - Options for generating the CA * @param options.name - Common Name for the CA certificate (default: "io.Gateway Dev CA user@host") * @param options.passphrase - Optional passphrase to protect the private key * @returns Object containing the private key and certificate in PEM format */ export function generateRootCA(options?: { name?: string, passphrase?: string }): { key: string; cert: string; }; /** * Generate a certificate with custom SAN (Subject Alternative Name) entries. * * @param caKey - CA private key (PEM string or jsrsasign key object) * @param issuer - Issuer DN string from CA certificate * @param sanEntries - Array of SAN entries (e.g., "localhost", "IP:192.168.1.1", "EMAIL:user@example.com") * @param isClient - Generate client certificate (clientAuth) vs server certificate (serverAuth) (default: false) * @param validityDays - Certificate validity in days (default: 7) * @returns Object containing the private key and certificate in PEM format */ export function generateCert( caKey: CAPrivateKey, issuer: string, sanEntries: string[], isClient?: boolean, validityDays?: number ): { key: string; cert: string; };