From 6be76ae477286b929835ecf2941ca61ab59883f4 Mon Sep 17 00:00:00 2001
From: linux_china
Date: Wed, 4 Jul 2018 13:35:53 -0700
Subject: [PATCH] Add PKCS#12 generation with default password changeit
Merges #34
Fixes #20
---
 Gopkg.lock | 11 ++++++++++-
 Gopkg.toml | 4 ++++
 cert.go | 9 ++++++++-
 3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/Gopkg.lock b/Gopkg.lock
index a8b36d2..0c448be 100644
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -34,9 +34,18 @@
 revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
 version = "v0.3.0"
+[[projects]]
+ branch = "master"
+ name = "software.sslmate.com/src/go-pkcs12"
+ packages = [
+ ".",
+ "internal/rc2"
+ ]
+ revision = "2291e8f0f237e77e89ce233be7653ecca8cf391a"
+
 [solve-meta]
 analyzer-name = "dep"
 analyzer-version = 1
- inputs-digest = "eb8c5336b6da0643bb04cf921e8e61c2966555c879bc20533b060724d71667c6"
+ inputs-digest = "af41b15413cbd854c23022d16f6da65af1235c9510e4193a17efef737de71c70"
 solver-name = "gps-cdcl"
 solver-version = 1
diff --git a/Gopkg.toml b/Gopkg.toml
index 6bd256a..989d128 100644
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -36,3 +36,7 @@
 [[constraint]]
 branch = "master"
 name = "golang.org/x/net"
+
+[[constraint]]
+ name = "software.sslmate.com/src/go-pkcs12"
+ branch = "master"
\ No newline at end of file
diff --git a/cert.go b/cert.go
index c8bd8ea..bc272bc 100644
--- a/cert.go
+++ b/cert.go
@@ -21,6 +21,7 @@ import (
 "os/user"
 "path/filepath"
 "regexp"
+ "software.sslmate.com/src/go-pkcs12"
 "strconv"
 "strings"
 "time"
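Review bot: The new import `"software.sslmate.com/src/go-pkcs12"` in cert.go sits between `"regexp"` and `"strconv"`, inside what appears to be the standard-library group, and the package is referred to as `pkcs12` in makeCert although the last path element is `go-pkcs12`. Placing it in its own group after a blank line, with the name spelled out as `pkcs12 "software.sslmate.com/src/go-pkcs12"`, follows goimports grouping and lets a reader trace the identifier to this third-party crypto dependency. The import block starts and ends outside the hunk, so an existing third-party group, if there is one, is not visible here.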
@@ -91,6 +92,12 @@ func (m *mkcert) makeCert(hosts []string) {
 &pem.Block{Type: "CERTIFICATE", Bytes: cert}), 0644)
 fatalIfErr(err, "failed to save certificate key")
+ // generate PKCS#12
+ domainCert, _ := x509.ParseCertificate(cert)
+ pfxData, _ := pkcs12.Encode(rand.Reader, priv, domainCert, []*x509.Certificate{m.caCert}, "changeit")
+ err = ioutil.WriteFile(filename+".p12", pfxData, 0644)
+ fatalIfErr(err, "failed to save PKCS#12")
+
 secondLvlWildcardRegexp := regexp.MustCompile(`(?i)^\*\.[0-9a-z_-]+$`)
 log.Printf("\nCreated a new certificate valid for the following names 📜")
 for _, h := range hosts {
@@ -99,7 +106,7 @@ func (m *mkcert) makeCert(hosts []string) {
 log.Printf(" Warning: many browsers don't support second-level wildcards like %q ⚠️", h)
 }
 }
- log.Printf("\nThe certificate is at \"./%s.pem\" and the key at \"./%s-key.pem\" ✅\n\n", filename, filename)
+ log.Printf("\nThe certificate is at \"./%s.pem\", and the key at \"./%s-key.pem\", and the PKCS#12 at \"./%s.p12\" ✅\n\n", filename, filename, filename)
 }
 // loadCA will load or create the CA at CAROOT.
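Review bot: Both errors in the added PKCS#12 block are discarded (`domainCert, _ :=` and `pfxData, _ :=`), so if `pkcs12.Encode` fails, `pfxData` is presumably nil and an empty `.p12` is written with no error reported. The bundle also carries the private key `priv` and is written with mode `0644` under the fixed, publicly known password `"changeit"`. The password therefore gives no real confidentiality, and any local account that can reach the directory can read the key. The fence below checks both errors with `fatalIfErr`, as the surrounding code does, and tightens the mode to `0600`. makeCert begins before this hunk and continues past it, so how the PEM key file is written is not visible here.

```go
	// generate PKCS#12
	domainCert, err := x509.ParseCertificate(cert)
	fatalIfErr(err, "failed to parse generated certificate")
	pfxData, err := pkcs12.Encode(rand.Reader, priv, domainCert, []*x509.Certificate{m.caCert}, "changeit")
	fatalIfErr(err, "failed to encode PKCS#12")
	// The bundle holds the private key and the password is a fixed public default,
	// so file permissions are the only access control: keep it owner-only.
	err = ioutil.WriteFile(filename+".p12", pfxData, 0600)
	fatalIfErr(err, "failed to save PKCS#12")
```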
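Review bot: The rewritten summary line announces the `.p12` path but never tells the user the password needed to import it, nor that the password is a fixed default rather than a secret. The value `changeit` appears only in makeCert and in the commit subject. A follow-up line such as `log.Printf("The PKCS#12 bundle is encrypted with the default password \"changeit\"; treat the file like the private key\n")` would make both points at the place users look. The sentence also reads awkwardly with two "and" clauses; `certificate at …, key at …, PKCS#12 at …` is cleaner.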