aipper/mkcert
1
0
Fork 0
mirror of https://github.com/FiloSottile/mkcert.git synced 2025-10-14 00:41:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

Allow wildcards and block heading and trailing dots

Browse Source 
Fixes #1
This commit is contained in:
Filippo Valsorda
2018-06-27 22:38:48 -04:00
parent 222b4f1035
commit 1f4fbd9097
2 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -7,17 +7,18 @@ $ mkcert -install
Created a new local CA at "/Users/filippo/Library/Application Support/mkcert" 💥 Created a new local CA at "/Users/filippo/Library/Application Support/mkcert" 💥
The local CA is now installed in the system trust store! ⚡️ The local CA is now installed in the system trust store! ⚡️
$ mkcert example.com myapp.dev localhost 127.0.0.1 ::1 $ mkcert example.com '*.example.org' myapp.dev localhost 127.0.0.1 ::1
Using the local CA at "/Users/filippo/Library/Application Support/mkcert" ✨ Using the local CA at "/Users/filippo/Library/Application Support/mkcert" ✨
Created a new certificate valid for the following names 📜 Created a new certificate valid for the following names 📜
- "example.com" - "example.com"
- "*.example.org"
- "myapp.dev" - "myapp.dev"
- "localhost" - "localhost"
- "127.0.0.1" - "127.0.0.1"
- "::1" - "::1"
The certificate is at "./example.com+4.pem" and the key at "./example.com+4-key.pem" ✅ The certificate is at "./example.com+5.pem" and the key at "./example.com+5-key.pem" ✅
``` ```
<p align="center"><img width="444" alt="Chrome screenshot" src="https://user-images.githubusercontent.com/1225294/41887838-7acd55ca-78d0-11e8-8a81-139a54faaf87.png"></p> <p align="center"><img width="444" alt="Chrome screenshot" src="https://user-images.githubusercontent.com/1225294/41887838-7acd55ca-78d0-11e8-8a81-139a54faaf87.png"></p>

11
main.go
View File

@@ -93,6 +93,9 @@ Usage:
$ mkcert example.com myapp.dev localhost 127.0.0.1 ::1 $ mkcert example.com myapp.dev localhost 127.0.0.1 ::1
Generate "example.com+4.pem" and "example.com+4-key.pem". Generate "example.com+4.pem" and "example.com+4-key.pem".
$ mkcert '*.example.com'
Generate "_wildcard.example.com.pem" and "_wildcard.example.com-key.pem".
$ mkcert -uninstall $ mkcert -uninstall
Unnstall the local CA (but do not delete it). Unnstall the local CA (but do not delete it).
@@ -101,12 +104,12 @@ Change the CA certificate and key storage location by setting $CAROOT.
return return
} }
re := regexp.MustCompile(`^[0-9A-Za-z._-]+$`) hostnameRegexp := regexp.MustCompile(`(?i)^(\*\.)?[0-9a-z_-]([0-9a-z._-]*[0-9a-z_-])?$`)
for _, name := range args { for _, name := range args {
if ip := net.ParseIP(name); ip != nil { if ip := net.ParseIP(name); ip != nil {
continue continue
} }
if re.MatchString(name) { if hostnameRegexp.MatchString(name) {
continue continue
} }
log.Fatalf("ERROR: %q is not a valid hostname or IP", name) log.Fatalf("ERROR: %q is not a valid hostname or IP", name)
@@ -153,6 +156,7 @@ func (m *mkcert) makeCert(hosts []string) {
fatalIfErr(err, "failed to generate certificate") fatalIfErr(err, "failed to generate certificate")
filename := strings.Replace(hosts[0], ":", "_", -1) filename := strings.Replace(hosts[0], ":", "_", -1)
filename = strings.Replace(filename, "*", "_wildcard", -1)
if len(hosts) > 1 { if len(hosts) > 1 {
filename += "+" + strconv.Itoa(len(hosts)-1) filename += "+" + strconv.Itoa(len(hosts)-1)
} }
@@ -223,8 +227,7 @@ func (m *mkcert) newCA() {
KeyUsage: x509.KeyUsageCertSign, KeyUsage: x509.KeyUsageCertSign,
BasicConstraintsValid: true, BasicConstraintsValid: true,
IsCA: true, IsCA: true,
MaxPathLen: 0,
MaxPathLenZero: true, MaxPathLenZero: true,
} }