add altname to CSR

Daniel Barlow 2024-10-06 10:13:28 +01:00
parent 197e2eb5b1
commit 1a915e91ff
1 changed files with 9 additions and 0 deletions


@ -3,6 +3,7 @@
(local ctx (require :openssl.ssl.context)) (local ctx (require :openssl.ssl.context))
(local csr (require :openssl.x509.csr)) (local csr (require :openssl.x509.csr))
(local altname (require :openssl.x509.altname))
(local pkey (require :openssl.pkey)) (local pkey (require :openssl.pkey))
(local xn (require :openssl.x509.name)) (local xn (require :openssl.x509.name))
@ -21,6 +22,13 @@
(n:add k v))) (n:add k v)))
n)) n))
(fn x509-altname [subj]
(let [an (altname.new)]
(each [_ c (ipairs (split "," subj))]
(let [(k v) (string.match c "(.-)=(.+)")]
(if (= k "CN") (an:add "DNS" v))))
an))
(fn parse-args [args] (fn parse-args [args]
(case args (case args
["--secret" secret & rest] ["--secret" secret & rest]
@ -49,6 +57,7 @@
(doto (csr.new) (doto (csr.new)
(: :setVersion 3) (: :setVersion 3)
(: :setSubject (x509-name options.subject)) (: :setSubject (x509-name options.subject))
(: :setSubjectAlt (x509-altname options.subject))
(: :setPublicKey pk) (: :setPublicKey pk)
(: :addAttribute :challengePassword [options.secret]) (: :addAttribute :challengePassword [options.secret])
(: :sign pk))) (: :sign pk)))
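Review bot: x509-altname copies every CN value into a DNS entry without checking that it is a hostname, and its `"(.-)=(.+)"` match keeps any whitespace around the key, so a subject written as `C=GB, CN=host` gives k = `" CN"` and adds no entry at all. In that case, or when the subject has no CN, the last hunk still passes the empty altname to `:setSubjectAlt`; whether the binding then writes an empty subjectAltName extension is not visible here, but it is worth checking because a SAN extension with no entries is not valid. I would anchor and trim the match, `(string.match c "^%s*(.-)%s*=%s*(.+)$")`, and add the entry only when v looks like a DNS name. A docstring such as `"Build a subjectAltName with one DNS entry per CN found in the comma-separated subject string."` would also help, since the function takes the same string as x509-name but reads only the CN.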