mkcert

mirror of https://github.com/FiloSottile/mkcert.git synced 2025-10-14 00:41:40 +08:00

Author	SHA1	Message	Date
Filippo Valsorda	e8068235db	Hide the CA path in normal operation Most users don't need to interact with it, and it's important they don't share the rootCA-key.pem file, so let's not lead them there in the first place. Advanced users can still use "mkcert -CAROOT". Fixes #282	2020-10-26 00:25:26 +01:00
Filippo Valsorda	ea8260d0d9	Accept "NEW CERTIFICATE REQUEST" PEM headers Fixes #301	2020-10-26 00:25:26 +01:00
Filippo Valsorda	df15e0c1ef	Backdate notBefore to support macOS Catalina Updates #174	2019-07-06 19:12:45 -03:00
Robert Panzer	c2b30c48f1	Add support for URL SANs (#166 )	2019-07-05 01:16:19 -03:00
Robert Panzer	574ea52743	Add serverAuth EKU to client certs for Service Mesh mTLS setups	2019-06-17 11:02:53 -04:00
Filippo Valsorda	e9f8fbcdf4	cert: use os.Hostname for the OU, and add the long form user name The output of the hostname command on Windows is probably UTF-16, but instead of figuring out its edge cases, switch to the syscall on every platform. Fixes #96 Closes #142	2019-06-02 12:15:03 +01:00
Filippo Valsorda	74ab68812e	Fix and add missing license headers	2019-06-01 14:58:20 +01:00
Filippo Valsorda	245b2732c8	Cleanup path logics with pathExists and binaryExists	2019-06-01 14:55:58 +01:00
Ben Toews	0d4cf75db8	Allow email SANs for S/MIME certificates (#152 )	2019-04-11 22:59:44 -04:00
David Crawshaw	c03e3ceaca	Swap exec.Command("hostname") for os.Hostname() (#137 )	2019-02-15 21:11:46 +01:00
Filippo Valsorda	9e9563535e	Add a -client suffix to filenames when generating client certificates	2019-02-05 14:19:51 -05:00
Filippo Valsorda	99e15e29f9	Add support for certificate signing requests with -csr Closes #55	2019-02-02 18:51:24 -05:00
John Downey	66af5a51f6	Add support for client certificates with -client Fixes #125 Closes #89	2019-02-02 16:26:21 -05:00
Filippo Valsorda	5bb0c47df7	Add -ecdsa for generating certificates with ECDSA keys Fixes #118	2019-02-02 16:26:21 -05:00
Filippo Valsorda	50b8c9f09f	Set the CommonName when generating PKCS#12 files Fixes #115	2019-02-02 16:26:21 -05:00
Filippo Valsorda	da4da8a4bc	Refactor output path flags	2019-01-06 19:07:18 -05:00
单元源	5ea72c377d	Add -cert-file, -key-file and -p12-file (#77 )	2019-01-06 19:07:18 -05:00
Filippo Valsorda	0d0636e824	Print a warning about wildcard depth in X.509 Fixes #60	2019-01-06 18:23:59 -05:00
Filippo Valsorda	6060e206a4	Document the hardcoded PKCS#12 password PKCS#12 encryption is legacy and we don't want to encourage relying on it by making the password configurable. Some systems require the default "changeit", so stick with that. Fixes #86 Closes #58 Closes #87	2019-01-06 17:38:49 -05:00
Filippo Valsorda	060fcce2db	Put PKCS#12 behind a flag, and check in the vendored dependency	2018-08-12 23:29:13 -04:00
linux_china	6be76ae477	Add PKCS#12 generation with default password changeit Merges #34 Fixes #20	2018-08-12 23:29:02 -04:00
Filippo Valsorda	676d4cdf6b	Add a CommonName field to the CA to work-around iOS UI bug Fixes #47	2018-07-30 03:38:23 +02:00
Filippo Valsorda	9e258bad93	Add a SubjectKeyId to the root CA Not really useful for #47, but good to have and a RFC 5280 MUST. See https://twitter.com/FiloSottile/status/1023564776834826240	2018-07-30 03:38:23 +02:00
Filippo Valsorda	564b41305c	Polish Linux system store support	2018-07-04 00:06:50 -04:00
Filippo Valsorda	bf4af2d977	Add user@hostname to the OU, and set NotBefore to now This will help figuring out where and when a certificate was created. Fixes #31	2018-07-03 19:52:18 -04:00
Filippo Valsorda	c4f873a371	Add a warning for second-level wildcards Fixes #30	2018-07-03 17:17:11 -04:00
Filippo Valsorda	e4c5c312a7	Add Firefox support Fixes #6	2018-06-28 01:29:20 -04:00
Filippo Valsorda	7544098b30	Make private keys writeable Read-only is too much hassle for expendable dev keys	2018-06-28 01:03:31 -04:00
Filippo Valsorda	d6aab07a4c	Split off certificate generation code	2018-06-27 23:43:51 -04:00

29 Commits