package crypto/x509
CreateCertificateRequest creates a new certificate based on a template. The following members of template are used: Subject, Attributes, SignatureAlgorithm, Extension, DNSNames, EmailAddresses, and IPAddresses. The private key is the private key of the signer.
The returned slice is the certificate request in DER encoding.
The only supported key types are RSA (rsa.PrivateKey) and ECDSA (ecdsa.PrivateKey).
Golang crypto/x509.CreateCertificateRequest function usage example
// populate some dummy data.
// see CertificateRequest full structure at
// http://golang.org/pkg/crypto/x509/#CertificateRequest
template := &x509.CertificateRequest {
Signature : []byte("Hello World Signature"),
SignatureAlgorithm : 2, // http://golang.org/pkg/crypto/x509/#SignatureAlgorithm
Subject : pkix.Name{
Country : []string{"Earth"},
Organization: []string{"Mother Nature"},
},
DNSNames : []string{"example.abc123.com"},
EmailAddresses : []string{"admin@abc123.com"},
IPAddresses : []net.IP{net.IPv4(127, 0, 0, 1).To4(), net.ParseIP("2001:1234:0:2001::56")},
}
// generate private key
privatekey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
fmt.Println(err)
}
cert, err := x509.CreateCertificateRequest(rand.Reader, template, privatekey)
if err != nil {
fmt.Println(err)
}
Reference :
http://golang.org/pkg/crypto/x509/#CreateCertificateRequest
