summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--generate_cert.go13
1 files changed, 12 insertions, 1 deletions
diff --git a/generate_cert.go b/generate_cert.go
index 83216cf..0a87f34 100644
--- a/generate_cert.go
+++ b/generate_cert.go
@@ -15,6 +15,7 @@ import (
"crypto/rsa"
"crypto/x509"
"crypto/x509/pkix"
+ "encoding/asn1"
"encoding/pem"
"flag"
"log"
@@ -32,6 +33,8 @@ var (
isCA = flag.Bool("ca", false, "whether this cert should be its own Certificate Authority")
rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set")
ecdsaCurve = flag.String("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521")
+ mail = flag.String("mail", "", "emailAddress to include with certificate")
+ org = flag.String("org", "ACME Inc.", "Organization")
)
func publicKey(priv crypto.PrivateKey) crypto.PublicKey {
@@ -108,7 +111,7 @@ func main() {
template := x509.Certificate{
SerialNumber: serialNumber,
Subject: pkix.Name{
- Organization: []string{"Acme Co"},
+ Organization: []string{*org},
},
NotBefore: notBefore,
NotAfter: notAfter,
@@ -127,6 +130,14 @@ func main() {
}
}
+ if *mail != "" {
+ m := pkix.AttributeTypeAndValue{
+ Type: asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1},
+ Value: *mail,
+ }
+ template.Subject.ExtraNames = append(template.Subject.ExtraNames, m)
+ }
+
if *isCA {
template.IsCA = true
template.KeyUsage |= x509.KeyUsageCertSign