GoSSL is an SSL/TLS certificate tool written with Go and built with ❤️
- Verify a server certificate with a root CA
- Generate RSA private and public key
- Generate x509 RSA root CA
- Generate x509 RSA server certificate
- Generate SSH key pair
- Copy SSH public key to remote SSH server
help
command displays default help and existing commands
./gossl help
verify
command verifies x509 certificate with provided root CA in PEM format.
./gossl verify --help
./gossl verify --cafile ./testdata/ca-cert.pem --certfile ./testdata/server-cert.pem
./gossl verify --dns 127.0.0.1 --cafile ./testdata/ca-cert.pem --certfile ./testdata/server-cert.pem
key
command generates RSA private key with provided bit size.
./gossl key --help
./gossl key --bits 2048
./gossl key --bits 2048 --out private.key
./gossl key --bits 2048 --out private.key --withpub
cert
command generates x509 certificate with provided private key.
./gossl cert --help
// Generate Root CA
./gossl cert \
--key private.key \
--out ca.pem \
--days 365 \
--serial 12345 \
--isCA
// Generate Certificate
./gossl cert \
--key private.key \
--out cert.pem \
--days 365 \
--serial 12345
ssh
command generates SSH Key Pair with provided bit size just like ssh-keygen
tool.
./gossl key --help
./gossl key --bits 2048
./gossl key --bits 2048 -out ./id_rsa
// output will be written to ./id_rsa and ./id_rsa_pub files
ssh-copy
connects remote SSH server and appends provided public key (eg, id_rsa.pub) to authorized_keys
file just like ssh-copy-id
tool.
./gossl ssh-copy --help
./gossl ssh-copy --pubkey /home/user/.ssh/id_rsa.pub remoteUser@remoteIP
// This command will ask for password to connect SSH server
- Add generate command for generating private key, root ca and x509 certificates in one command
- Add cert template format read from yaml file
- Add verification of a CA and http endpoint
- Add test for utils package
- Add test for help package
- Add test for ssh-copy