A package for SSL/TLS certificate management aims to use the InCommon Certificate Manager API functions.
Currently, this package uses openssl for key, certificate signing request (CSR) generation.
Commands in this package includes all functions needed to create, renew, replace, and revoke a certificate.
To run a build of the cert for a given host.
The package includes some command line tools.
src/csr-cli.js --helpA configuration file may be placed in etc/config.json file, in JSON format, to
configure how this suite of tools behave.
"csr": {
"req": {
"default_bits": 4096,
"default_md": "sha256",
"req_extensions": "req_ext",
"distinguished_name": "dn",
"prompt": "no",
"encrypt_key": "no"
},
"req_ext": {
"subjectAltName": "@alt_names"
},
"dn": {
"C": "US",
"ST": "<State>",
"L": "<City>",
"O": "<Company Name>",
"OU": "<Department>",
"emailAddress": "<OU-email-address>",
"CN": "<hostname>"
}
}- Wei Wang ww@9rivers.com