@ -1,36 +1,46 @@
|
|
|
|
# Browser PKCS#10 CSR generation PoC
|
|
|
|
# Browser PKCS#10 CSR generation PoC
|
|
|
|
|
|
|
|
|
|
|
|
This repository contains a small proof of concept implementation of browser based PKCS#10 certificate signing request
|
|
|
|
This repository contains a small proof of concept implementation of browser
|
|
|
|
and PKCS#12 key store generation using [node-forge](https://github.com/digitalbazaar/forge).
|
|
|
|
based PKCS#10 certificate signing request and PKCS#12 key store generation
|
|
|
|
|
|
|
|
using [node-forge](https://github.com/digitalbazaar/forge).
|
|
|
|
|
|
|
|
|
|
|
|
The backend is implemented in [Go](https://golang.org/) and utilizes openssl for the signing operations.
|
|
|
|
The backend is implemented in [Go](https://golang.org/) and utilizes openssl
|
|
|
|
|
|
|
|
for the signing operations. The instructions below have been tested on Debian
|
|
|
|
|
|
|
|
11 (Bullseye). Debian 10 works when you use a manual installation of Go.
|
|
|
|
|
|
|
|
|
|
|
|
## Running
|
|
|
|
## Running
|
|
|
|
|
|
|
|
|
|
|
|
1. Clone the repository
|
|
|
|
1. Install dependencies
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
sudo apt install git npm openssl golang-go
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2. Clone the repository
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
git clone https://git.dittberner.info/jan/browser_csr_generation.git
|
|
|
|
git clone https://git.dittberner.info/jan/browser_csr_generation.git
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
2. Get dependencies and build assets
|
|
|
|
3. Get dependencies and build assets
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
cd browser_csr_generation
|
|
|
|
cd browser_csr_generation
|
|
|
|
npm install --global gulp-cli
|
|
|
|
npm install --user gulp-cli
|
|
|
|
npm install
|
|
|
|
npm install
|
|
|
|
gulp
|
|
|
|
./node_modules/.bin/gulp
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
2. Setup the example CA and a server certificate and key
|
|
|
|
3. Setup the example CA and a server certificate and key
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
./setup_example_ca.sh
|
|
|
|
./setup_example_ca.sh
|
|
|
|
openssl req -new -x509 -days 365 -subj "/CN=localhost" -addext subjectAltName=DNS:localhost -newkey rsa:3072 \
|
|
|
|
openssl req -new -x509 -days 365 -subj "/CN=localhost" \
|
|
|
|
|
|
|
|
-addext subjectAltName=DNS:localhost -newkey rsa:3072 \
|
|
|
|
-nodes -out server.crt.pem -keyout server.key.pem
|
|
|
|
-nodes -out server.crt.pem -keyout server.key.pem
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
3. Run the Go based backend
|
|
|
|
4. Run the Go based backend
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
go run main.go
|
|
|
|
go run main.go
|
|
|
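Review bot: in the "Get dependencies and build assets" step, `npm install --user gulp-cli` uses `--user`, which is not an npm option for choosing an install location (it reads like pip's flag), so the line does not give a per-user replacement for the old `--global` install. The new build command `./node_modules/.bin/gulp` only needs the local `npm install` that follows, so consider dropping the gulp-cli line entirely. The renumbered list also still has two items numbered 3 ("Get dependencies and build assets" and "Setup the example CA and a server certificate and key"); the later steps should shift to 4, 5 and 6.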
@ -38,10 +48,12 @@ The backend is implemented in [Go](https://golang.org/) and utilizes openssl for
|
|
|
|
|
|
|
|
|
|
|
|
Open https://localhost:8000/ in your browser.
|
|
|
|
Open https://localhost:8000/ in your browser.
|
|
|
|
|
|
|
|
|
|
|
|
4. Run gulp watch
|
|
|
|
5. Run gulp watch
|
|
|
|
|
|
|
|
|
|
|
|
You can run a [gulp watch](https://gulpjs.com/docs/en/getting-started/watching-files/)
|
|
|
|
You can run a
|
|
|
|
in a second terminal window to automatically publish changes to the files in the `src` directory:
|
|
|
|
[gulp watch](https://gulpjs.com/docs/en/getting-started/watching-files/)
|
|
|
|
|
|
|
|
in a second terminal window to automatically publish changes to the files in
|
|
|
|
|
|
|
|
the `src` directory:
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
gulp watch
|
|
|
|
gulp watch
|
|
|
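Review bot: the `gulp watch` command in the "Run gulp watch" step still expects `gulp` on the PATH, while the build step in this change switched to `./node_modules/.bin/gulp` and no longer installs gulp-cli globally. Use `./node_modules/.bin/gulp watch` (or `npx gulp watch`) here so a reader following the new instructions does not hit a "command not found".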
@ -49,7 +61,8 @@ The backend is implemented in [Go](https://golang.org/) and utilizes openssl for
|
|
|
|
|
|
|
|
|
|
|
|
## Translations
|
|
|
|
## Translations
|
|
|
|
|
|
|
|
|
|
|
|
This PoC uses [go-i18n](https://github.com/nicksnyder/go-i18n/) for internationalization (i18n) support.
|
|
|
|
This PoC uses [go-i18n](https://github.com/nicksnyder/go-i18n/) for
|
|
|
|
|
|
|
|
internationalization (i18n) support.
|
|
|
|
|
|
|
|
|
|
|
|
The translation workflow needs the `go18n` binary which can be installed via
|
|
|
|
The translation workflow needs the `go18n` binary which can be installed via
|
|
|
|
|
|
|
|
|
|
|
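Review bot: the context line "The translation workflow needs the `go18n` binary" misspells the tool name; the commands in the next hunk invoke `goi18n`. Since this section is being rewrapped anyway, correct it to `goi18n` in the same change.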
@ -69,14 +82,16 @@ Then use
|
|
|
|
goi18n merge active.*.toml
|
|
|
|
goi18n merge active.*.toml
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
to create TOML files for translation as `translate.<locale>.toml`. After translating the messages run
|
|
|
|
to create TOML files for translation as `translate.<locale>.toml`. After
|
|
|
|
|
|
|
|
translating the messages run
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
goi18n merge active.*.toml translate.*.toml
|
|
|
|
goi18n merge active.*.toml translate.*.toml
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
to merge the messages back into the active translation files. To add a new language you need to add the language code
|
|
|
|
to merge the messages back into the active translation files. To add a new
|
|
|
|
to `main.go`'s i18n bundle loading code
|
|
|
|
language you need to add the language code to `main.go`'s i18n bundle loading
|
|
|
|
|
|
|
|
code
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
for _, lang := range []string{"en-US", "de-DE"} {
|
|
|
|
for _, lang := range []string{"en-US", "de-DE"} {
|
|
|
|
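Review bot: the rewrapped sentence before the `main.go` snippet now ends with the single word "code" on its own line and has no colon introducing the fenced block. Rewrap so the last line is not a lone word and end the sentence with a colon, for example "... to `main.go`'s i18n bundle loading code:".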