1.0.5 • Published 4 months ago
@splpa-org/cert-helper v1.0.5
certHelper
certHelper is a small collection of scripts to implement TLS certificates for express web services. Specifically designed to work with spl-ca webservice.
Installation
npm i --save @splpa-org/cert-helperThen install the other use packages if you intend to use certManager.js
npm i --save jsrsasign node-cron axiosUsage _certHelper.sh (Linux)
linux:
Required: openssl to be installed and added to PATH variable.
#Make executable
chmod +x _certHeler.sh
#Run script, "service name" is the name of all the expected and generated files
./_certHelper.sh "service name"
#"service name.cfg" this is expected to exist and in the same format as the template.cfg file
#"service name.key" this is expected to exist and is the private key name in PEM format
#"service name.crt" this is the expected response DEM cert from spl-ca service. Place in certs/ directory.
#"service name.pem" this is the the PEM formatted cert converted from the DEM "service name.crt" file.
#enter all the info, alternative names must be done through the cfg file, they are not prompted through CLI.
#Once you enter the info the CSR will be saved as "service name.req".
#Have this signed by your CA the place the DEM formatted cert as "service name.crt" and the script will
#auto convert the cert to PEM and prompt if you want to clean up the csr and crt file.
#if you enter "y" it will just delete these files.Usage _certHelper.bat (Windows)
Required: openssl to be installed and added to PATH variable.
#Make executable
chmod +x _certHeler.sh
#Run script, "service name" is the name of all the expected and generated files
./_certHelper.sh "service name"
#"service name.cfg" this is expected to exist and in the same format as the template.cfg file
#"service name.key" this is expected to exist and is the private key name in PEM format
#"service name.crt" this is the expected response DEM cert from spl-ca service. Place in certs/ directory.
#"service name.pem" this is the the PEM formatted cert converted from the DEM "service name.crt" file.
#enter all the info, alternative names must be done through the cfg file, they are not prompted through CLI.
#Once you enter the info the CSR will be saved as "service name.req".
#Have this signed by your CA the place the DEM formatted cert as "service name.crt" and the script will
#auto convert the cert to PEM and prompt if you want to clean up the csr and crt file.
#if you enter "y" it will just delete these files.Usage certManager.js
To use certManager.js you'll first have to install jsrsasign, node-cron, and axios
npm i --save jsrsasign node-cron axiosYou will then need to import the module
const { checkCert } = require("./certs/certManager.js");
let checkCertCB = (res) => {
//as configured this runs the first time and will run in the cron task if passed to checkCert
let {isError, isDue, msg} = res;
if ( isError ) {
//Error checking the cert, msg has error message
} else if ( isDue ) {
//the was due and was auto renewed, msg has success message
} else {
//was not due and there was no error checking.
}
}
checkCertCB( await checkCert("pem_cert_path", "pem_key_path", "cert_cfg_path", checkCertCB, "env_file_path") );Contributing
Not really looking for input, though I will check out suggestion or modifications. This is mainly to import into my own custom services.