@interopio/gateway-server
Version:
[](https://www.npmjs.com/package/@interopio/gateway-server)
48 lines (41 loc) • 1.58 kB
TypeScript
import type { RSAKey, KJUR } from 'jsrsasign';
/**
* CA private key type - can be a PEM string or a jsrsasign key object
*/
type CAPrivateKey = string | RSAKey | KJUR.crypto.DSA | KJUR.crypto.ECDSA;
/**
* Default Common Name for the root CA certificate.
*/
export const DEFAULT_CA_NAME: string;
/**
* Generate a root Certificate Authority (CA) certificate.
*
* @param options - Options for generating the CA
* @param options.name - Common Name for the CA certificate (default: "io.Gateway Dev CA user@host")
* @param options.passphrase - Optional passphrase to protect the private key
* @returns Object containing the private key and certificate in PEM format
*/
export function generateRootCA(options?: { name?: string, passphrase?: string }): {
key: string;
cert: string;
};
/**
* Generate a certificate with custom SAN (Subject Alternative Name) entries.
*
* @param caKey - CA private key (PEM string or jsrsasign key object)
* @param issuer - Issuer DN string from CA certificate
* @param sanEntries - Array of SAN entries (e.g., "localhost", "IP:192.168.1.1", "EMAIL:user@example.com")
* @param isClient - Generate client certificate (clientAuth) vs server certificate (serverAuth) (default: false)
* @param validityDays - Certificate validity in days (default: 7)
* @returns Object containing the private key and certificate in PEM format
*/
export function generateCert(
caKey: CAPrivateKey,
issuer: string,
sanEntries: string[],
isClient?: boolean,
validityDays?: number
): {
key: string;
cert: string;
};