myca-cli
A command line for myca for creating my CA center, generating a self signed x509 certificate, issuing server certificate from node.js via openssl. Multiple center supported. RSA, EC(P-256, P-384) supported.
Installing
npm install -g myca-climyca module
Usage
-
Initialize default center
myca initwill output:
Default center created at path: "C:\Users\<user>\.myca" -
Initialize CA cert of default center
myca initca --days=10950 --pass=mycapass \--cn="my root ca" --o="my company" --c=CN \will output:
CA certificate created with:centerName: "default"crtFile: "C:\Users\<user>\.myca\ca.crt"privateKeyFile: "C:\Users\<user>\.myca\ca.key" -
Issue a RSA serve certificate
myca issue --kind=server --days=730 --pass=fooo \--cn="waitingsong.com" --o="my company" --c=CN --caKeyPass=mycapass \will output:
Issue a Certificate with:pubKey:-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJunjvIoZ5bFQsA9D/1AMHt36viM7AJZFpQdmVuTLUZXEiTFU6gMdBarikHsXt0xRPcnGHiP1hgSsTIh2j1k3HiNinwfV/MePvy/8f/XWY+J3BbljQCPQmtUIZAnBebiVcvQrL1cP4l5xgJiv5/pEdRhCs92J/1MMDxhp41BzatBKwbQJ7UQtLnTdWXCs/qptTgaD6vh4a3snWHlfatgTsfzjmSmiXcEYGZM9z6tDrSjR9kBZoog+9DTh+FCdVaasL7QvYlWlOzsjSO2yvLXlYQJ9VJbBGxV0cOKbmPm46aMK6n5br/75CAm8cHyfgsE0MhxH2uxQW3leUy+3MHKZwIDAQAB-----END PUBLIC KEY-----pass: "fooo"privateKeyFile: "C:\Users\<user>\.myca\server\01.key"privateUnsecureKeyFile: "C:\Users\<user>\.myca\server\01.key.unsecure"centerName: "default"caKeyFile: "C:\Users\<user>\.myca\ca.key"caCrtFile: "C:\Users\<user>\.myca\ca.crt"csrFile: "C:\Users\<user>\.myca\server\01.csr"crtFile: "C:\Users\<user>\.myca\server\01.crt" -
Initialize a center named ec
// path can be omittedmyca initcenter --name=ec --path="c:/users/<user>/.myca-ec"will output:
center created with:centerName: "ec"path: "c:/users/<user>/.myca-ec" -
Create self-signed EC CA certificate under center ec (default P-256)
myca initca --days=10950 --pass=mycapass \--cn="my root ca" --o="my company" --c=CN --centerName=ec --alg=ec \will output:
CA certificate created with:centerName: "ec"crtFile: "c:\users\<user>\.myca-ec\ca.crt"privateKeyFile: "c:\users\<user>\.myca-ec\ca.key" -
Issue a ec server certificate by center ec CA cert
myca issue --kind=server --days=730 --pass=fooo \--cn="foo.waitingsong.com" --o="my comany" --c=CN --caKeyPass=mycapass \--centerName=ec --alg=ec \ -
Issue a serve certificate with Domain Name SANs
myca issue --kind=server --days=730 --pass=fooo \--cn="waitingsong.com" --o="my company" --c=CN --caKeyPass=mycapass \--SAN="foo.waitingsong.com, bar.waitingsong.com" \ -
Issue a serve certificate with IP SANs
myca issue --kind=server --days=730 --pass=fooo \--cn="waitingsong.com" --o="my company" --c=CN --caKeyPass=mycapass \--ips=192.168.0.1 \myca issue --kind=server --days=730 --pass=fooo \--cn="waitingsong.com" --o="my company" --c=CN --caKeyPass=mycapass \--ips="192.168.0.1, 192.168.0.2" \ -
Issue a RSA client p12/pfx certificate
myca issue --kind=client --days=730 --pass=fooo \--cn="waitingsong.com" --o="my company" --c=CN --caKeyPass=mycapass \will output:
Issue a Certificate with:pubKey:-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu8wZDZ0a/HNtlJPqCjs9Isg795iUAJ+5OREb08hPthDN4/LOoLgepIyWbZ/A+0Gv8jHkbqlUvOJV5O5ggjRezpK3jXln621nbjS3Fzs/uw4+40e4RX7fYIoE9sk94rP+od1ZMRjE8+e+qb34ubCWiXtsyR4EyaRen23IqLNlvxGlcg4xLczaCDA06zkva+wL7qvLYF2331X/rZ+dQgYxh6iWKO7C9qcliF23OOByYIKS8jqQ8ngwHIEogIqNBdt/QyEVN7CvF4M6abQnrrx9wnnmlaRX2WiybsA06wWl7+4BgKjeULehCVQOpMsS/3QV1dO79vn9hZWM/dAPlnFQwIDAQAB-----END PUBLIC KEY-----pass: "fooo"privateKeyFile: "C:\Users\<user>\.myca\client\0A.key"centerName: "default"caKeyFile: "C:\Users\<user>\.myca\ca.key"caCrtFile: "C:\Users\<user>\.myca\ca.crt"csrFile: "C:\Users\<user>\.myca\client\0A.csr"crtFile: "C:\Users\<user>\.myca\client\0A.crt"pfxFile: "C:\Users\<user>\.myca\client\0A.p12"