command line tool to make self signed x.509 CA and cert for a domain
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
# make-fake-cert
|
|
|
|
|
|
|
|
|
|
### Usecase 1: Generating certificates for use with [threshold 🏔️🛤️🏔](https://git.sequentialread.com/sqr/threshold)
|
|
|
|
|
|
|
|
|
|
* 1st argument: domain name for server
|
|
|
|
|
* 2nd argument: client ID
|
|
|
|
|
|
|
|
|
|
`./make-fake-cert myserver.com myclient`
|
|
|
|
|
|
|
|
|
|
Note this will only work for a single client/server pair, if you want multiple clients or servers you might have to edit the code.
|
|
|
|
|
|
|
|
|
|
### Usecase 2: MITM attacking yourself or using a self signed cert in Firefox
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
go run main.go example.com
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
then in firefox go to about:preferences
|
|
|
|
|
|
|
|
|
|
search for "certificate"
|
|
|
|
|
|
|
|
|
|
then click `View Certificates...` and click Import, then select the file named like `example.com_CA.crt`
|
|
|
|
|
|
|
|
|
|
![](certificates.png)
|
|
|
|
|
|
|
|
|
|
## MAKE SURE TO DELETE THIS CA FROM YOUR CERTIFICATES LIST WHEN YOU ARE DONE USING IT
|
|
|
|
|
|