This is a work in progress. Use at your own risk.
- Copy the configuration example
  ```
  cp config\defaults.example.json config\defaults.json
  ```
- Edit the configuration to best fit your needs
  ```json
  ...
  "storeDirectory": "./files", // <- This is where your CA and certs will be saved
  "subject": {
    "email": {
      "prompt": "Email address for certificate administrator",
      "shortName": "E",
      "default": "something@example.com" // <- Email displayed on certificates
    },
    "organization": {
      "prompt": "Organization or Company Name",
      "shortName": "O",
      "default": "Example Home Lab Industries INC." // <- Organization or Company Name
    },
    "locality": {
      "prompt": "City or Locality",
      "shortName": "L",
      "default": "New York" // <- City or Locality
    },
    "state": {
      "prompt": "State or Region",
      "shortName": "ST",
      "default": "New York" // <- State or Province
    },
    "country": {
      "prompt": "Country code (eg. US)",
      "shortName": "C",
      "default": "US" // <- 2 character Country Code
    }
  },
  "validDomains": [
    "example.com" // <- This is used to validate cert request hostnames, not alternate names
  ],
  ...
  ```
- Set a CA passphrase in your environment variables and run setup.
  - Note: This passphrase can only be set once and will be needed to submit future requests
  - Note: This installs only the dependencies needed for production
  - Note: The quotes keep `cmd` from storing the space before `&&` as part of the passphrase
  ```
  SET "CAPASS=SecretPassphrase" && npm run setup
  ```
- Run the server
  ```
  npm run win
  ```
- Submit a POST request to the http://localhost:`port`/new endpoint with the following JSON body
  ```json
  {
    "hostname": "certs.example.com",
    "altNames": [
      "certs.example.com",
      "certs.example.info",
      "localhost"
    ],
    "passphrase": "SecretPassphrase"
  }
  ```
- All your web certs will be saved to the directory specified in the config, in the `newCerts` directory. Private keys are all in the `private` directory. Your Root CA cert is in the `certs` folder and will need to be applied to all machines as a Trusted Root Certificate.
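
The config comment says `validDomains` is checked against the request hostname but not the alternate names, so the sample body's `certs.example.info` is never compared to that list. The following added example (not part of this project's code) applies the list to every name on the client before posting to `/new`. `EXTRA_ALLOWED`, the `CA_PORT` variable and the subdomain-matching rule are assumptions of the example and may differ from the server's own check.

```javascript
// Added example, not the project's code: check every requested name first.
// VALID_DOMAINS mirrors "validDomains" in config\defaults.json.
const VALID_DOMAINS = ["example.com"];
// Assumption: names deliberately allowed outside VALID_DOMAINS.
const EXTRA_ALLOWED = ["localhost"];

// True when name equals the domain or is a subdomain of it. Matching on a
// label boundary keeps "evilexample.com" from passing for "example.com".
function inDomain(name, domain) {
  const n = name.toLowerCase().replace(/\.$/, "");
  const d = domain.toLowerCase();
  return n === d || n.endsWith("." + d);
}

// Returns the requested names (hostname and altNames) that are outside policy.
function outOfPolicyNames(request, validDomains, extraAllowed = []) {
  const names = [...new Set([request.hostname, ...(request.altNames || [])])];
  return names.filter((name) => {
    if (typeof name !== "string" || name === "") return true;
    if (extraAllowed.includes(name.toLowerCase())) return false;
    return !validDomains.some((d) => inDomain(name, d));
  });
}

// POSTs the request only when every name passes; rejects otherwise.
function submit(port, request) {
  const rejected = outOfPolicyNames(request, VALID_DOMAINS, EXTRA_ALLOWED);
  if (rejected.length > 0) {
    return Promise.reject(new Error("outside policy: " + rejected.join(", ")));
  }
  return fetch(`http://localhost:${port}/new`, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify(request),
  });
}

// Constructed sample: the request body from the step above. The passphrase is
// read from CAPASS so it never appears in source or shell history.
const sample = {
  hostname: "certs.example.com",
  altNames: ["certs.example.com", "certs.example.info", "localhost"],
  passphrase: process.env.CAPASS || "",
};
console.log("outside policy:", outOfPolicyNames(sample, VALID_DOMAINS, EXTRA_ALLOWED));
// CA_PORT is a hypothetical variable for this example; set it to submit.
if (process.env.CA_PORT) {
  submit(process.env.CA_PORT, sample).then(
    (res) => console.log("status", res.status), (err) => console.error(err.message));
}
```
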
- Allow for creating intermediate CAs
- Allow more customization regarding certificate types and subjects
- Alert administrator when certificate is about to expire
- Enable admins to auto issue new certificates and send to certificate administrator