|
|
@@ -21,6 +21,7 @@ import (
|
|
|
"os/user"
|
|
|
"path/filepath"
|
|
|
"regexp"
|
|
|
+ "software.sslmate.com/src/go-pkcs12"
|
|
|
"strconv"
|
|
|
"strings"
|
|
|
"time"
|
|
|
@@ -91,6 +92,12 @@ func (m *mkcert) makeCert(hosts []string) {
|
|
|
&pem.Block{Type: "CERTIFICATE", Bytes: cert}), 0644)
|
|
|
fatalIfErr(err, "failed to save certificate key")
|
|
|
|
|
|
+ // generate PKCS#12
|
|
|
+ domainCert, _ := x509.ParseCertificate(cert)
|
|
|
+ pfxData, _ := pkcs12.Encode(rand.Reader, priv, domainCert, []*x509.Certificate{m.caCert}, "changeit")
|
|
|
+ err = ioutil.WriteFile(filename+".p12", pfxData, 0644)
|
|
|
+ fatalIfErr(err, "failed to save PKCS#12")
|
|
|
+
|
|
|
secondLvlWildcardRegexp := regexp.MustCompile(`(?i)^\*\.[0-9a-z_-]+$`)
|
|
|
log.Printf("\nCreated a new certificate valid for the following names 📜")
|
|
|
for _, h := range hosts {
|
|
|
@@ -99,7 +106,7 @@ func (m *mkcert) makeCert(hosts []string) {
|
|
|
log.Printf(" Warning: many browsers don't support second-level wildcards like %q ⚠️", h)
|
|
|
}
|
|
|
}
|
|
|
- log.Printf("\nThe certificate is at \"./%s.pem\" and the key at \"./%s-key.pem\" ✅\n\n", filename, filename)
|
|
|
+ log.Printf("\nThe certificate is at \"./%s.pem\", and the key at \"./%s-key.pem\", and the PKCS#12 at \"./%s.p12\" ✅\n\n", filename, filename, filename)
|
|
|
}
|
|
|
|
|
|
// loadCA will load or create the CA at CAROOT.
|
linux_china