aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md1
-rw-r--r--main.go22
2 files changed, 22 insertions, 1 deletions
diff --git a/README.md b/README.md
index 835f12c..6ba3055 100644
--- a/README.md
+++ b/README.md
@@ -29,5 +29,6 @@ $ gencert cert \
-cn 'My Server' \
-d $((10 * 24))h \
-dns www.example.com \
+ -usage server-auth \
-out ~/out/my-site
```
diff --git a/main.go b/main.go
index 455842d..90d79a7 100644
--- a/main.go
+++ b/main.go
@@ -78,6 +78,7 @@ var (
out string
unit StringListFlag
until TimeFlag
+ usages = StringListFlag{"server-auth"}
)
func init() {
@@ -96,6 +97,10 @@ func init() {
certFlags.StringVar(&caName, "ca", "", "base name for the CA files")
certFlags.Var(&dnsNames, "dns", "DNS name")
certFlags.Var(&ips, "ip", "IP address")
+ certFlags.Var(&usages, "usage", `how the certificate will be used:
+ - code-signing
+ - server-auth
+`)
flag.Usage = func() {
fmt.Fprintf(flag.CommandLine.Output(), `%s is a tool for generating certificates.
@@ -119,7 +124,22 @@ func extKeyUsage() []x509.ExtKeyUsage {
if os.Args[1] == "ca" {
return nil
}
- return []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
+ s := map[string]x509.ExtKeyUsage{}
+ for _, e := range usages {
+ switch e {
+ case "code-signing":
+ s[e] = x509.ExtKeyUsageCodeSigning
+ case "server-auth":
+ s[e] = x509.ExtKeyUsageServerAuth
+ default:
+ log.Fatalln("error: unknown key usage:", e)
+ }
+ }
+ es := []x509.ExtKeyUsage{}
+ for _, e := range s {
+ es = append(es, e)
+ }
+ return es
}
func keyUsage() x509.KeyUsage {
generated by cgit v1.2.3-70-g09d2 (git 2.52.0) at 2025-12-06 23:42:02 +0000