{"id":28523590,"url":"https://github.com/doth-j/certificate-forger","last_synced_at":"2025-07-06T05:31:45.144Z","repository":{"id":154085644,"uuid":"631736596","full_name":"Doth-J/certificate-forger","owner":"Doth-J","description":"Command line tool for easily creating self-signed RSA certificates","archived":false,"fork":false,"pushed_at":"2023-04-24T00:08:05.000Z","size":9,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-06-09T10:09:42.056Z","etag":null,"topics":["node-forge","rsa","x509certificates"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Doth-J.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-04-24T00:02:58.000Z","updated_at":"2023-04-24T00:09:48.000Z","dependencies_parsed_at":null,"dependency_job_id":"3747ae31-dc3d-4e05-b31f-57ea4ab18408","html_url":"https://github.com/Doth-J/certificate-forger","commit_stats":{"total_commits":3,"total_committers":1,"mean_commits":3.0,"dds":0.0,"last_synced_commit":"5737d78f02230484c08fa79664b9e947e3a64941"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Doth-J/certificate-forger","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Doth-J%2Fcertificate-forger","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Doth-J%2Fcertificate-forger/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Doth-J%2Fcertificate-forger/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Doth-J%2Fcertificate-forger/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Doth-J","download_url":"https://codeload.github.com/Doth-J/certificate-forger/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Doth-J%2Fcertificate-forger/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263853293,"owners_count":23520118,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["node-forge","rsa","x509certificates"],"created_at":"2025-06-09T10:09:07.385Z","updated_at":"2025-07-06T05:31:45.137Z","avatar_url":"https://github.com/Doth-J.png","language":"JavaScript","readme":"# Certificate Forger :closed_book:\nCommand line tool for easily creating self-signed RSA certificates using the [`node-forge`](https://www.npmjs.com/package/node-forge) module. \n\n## Installation :zap:\n- The tool can be installed globally throught npm, then use `cforge` to access it:\n```console\nnpm install -g certificate-forger\ncforge --help\n```\n- It can also be installed locally in your module, you can then use `npx` to create certificates:\n```console\nnpm install certificate-forger\nnpx cforge --help\n```\n\n## Certificate Creation :scroll:\n### Using the tool :hammer:\nThe tool uses [`node-forge`](https://www.npmjs.com/package/node-forge) module to create a RSA keypair of the chosen size and  a new certificate with the provided attributes and alternative options (if enabled). To use the tool execute the `cforge` command ans choose the options to enable:\n```console\n\u003e cforge --help OR npx cforge --help\nUsage: cforge [options]\n\nGenerate X.509 PEM certificates using node-forge\n\nOptions:\n  -V, --version  output the version number\n  -a,--alt       Enable alternatives option (default: false)\n  -o,--out       Output certificate to file (default: false)\n  -h, --help     display help for command\n```\n### Key-Size :old_key:\nThe tool provides `1024`, `2048`, `4096`, `8192` key size options for the RSA keypair generation.\n\n## Options :gear:\n### Exporting to PEM files :open_file_folder:\nAdding the `-o` or `--out` option will enable the prompr for providing an output directory location for storing the generated certificate, by default point to a `certificate` folder in the current working directory:\n```console\n\u003e cforge -o\n✔ RSA Modulus Size › 2048\n✔ Certificate Attibutes: (commonName=example.com) … CN=example.com, OU=Test\n✔ Add more attributes? … yes\n✔ Certificate Attibutes: (commonName=example.com) … *SU=Test\n√ Output Location: ... /home/doth/certificates\n...\n```\nThe certificate and private key can be found in the chose location as shown below:\n```console\n\u003e ls ./certificates\ncert.pem   pkey.pem\n\u003e cat ./certificates/cert.pem\n-----BEGIN CERTIFICATE-----\nMIIC3TCCAcWgAwIBAgIUASa8LJwe4krRfHlQOHmvNzQB4fQwDQYJKoZIhvcNAQEF\nBQAwITESMBAGAQATC2V4YW1wbGUuY29tMQswCQYBABMEVGVzdDAeFw0yMzA0MjMy\nMzQ2NDhaFw0yMzA0MjQyMzQ2NDhaMCExEjAQBgEAEwtleGFtcGxlLmNvbTELMAkG\n...\n```\n\n### Adding Alternative IPs \u0026 URIs :link:\nIf you add the `-a` or `--alt` option, the tool will prompt for alternative IPs and URIs to add to the certificate. Both inputs can take multiple arguments using `,` as the seperator:\n```console\n\u003e cforge -a\n...\n√ Alternative IPs: ... 172.16.1.1, 172.16.1.2\n√ Alternative URIs: ... http://server.com \n...\n```\n\n### Adding OID Attributes :wrench:\nCertificate attributes must be in the format `\u003cname/*ShortName\u003e=\u003cvalue\u003e` *(Use the `*` to add a ShortName identifier for the attribute instead of name)*.\nWhen adding attributes to the certificate, they should correspond to existing OIDs defined in the `node-forge` module, below is a list of the [Object IDentifiers](https://en.wikipedia.org/wiki/Object_identifier) available to provide as attributes for the certificate:\n```js\n    commonName: '2.5.4.3',\n    surname: '2.5.4.4',\n    serialNumber: '2.5.4.5',\n    countryName: '2.5.4.6',\n    localityName: '2.5.4.7',\n    stateOrProvinceName: '2.5.4.8',\n    streetAddress: '2.5.4.9',\n    organizationName: '2.5.4.10',\n    organizationalUnitName: '2.5.4.11',\n    title: '2.5.4.12',\n    description: '2.5.4.13',\n    businessCategory: '2.5.4.15',\n    postalCode: '2.5.4.17',\n    givenName: '2.5.4.42',\n    rsaEncryption: '1.2.840.113549.1.1.1',\n    md5WithRSAEncryption: '1.2.840.113549.1.1.4',\n    sha1WithRSAEncryption: '1.2.840.113549.1.1.5',\n    'RSAES-OAEP': '1.2.840.113549.1.1.7',\n    mgf1: '1.2.840.113549.1.1.8',\n    pSpecified: '1.2.840.113549.1.1.9',\n    'RSASSA-PSS': '1.2.840.113549.1.1.10',\n    sha256WithRSAEncryption: '1.2.840.113549.1.1.11',\n    sha384WithRSAEncryption: '1.2.840.113549.1.1.12',\n    sha512WithRSAEncryption: '1.2.840.113549.1.1.13',\n    EdDSA25519: '1.3.101.112',\n    'dsa-with-sha1': '1.2.840.10040.4.3',\n    desCBC: '1.3.14.3.2.7',\n    sha1: '1.3.14.3.2.26',\n    sha1WithRSASignature: '1.3.14.3.2.29',\n    sha256: '2.16.840.1.101.3.4.2.1',\n    sha384: '2.16.840.1.101.3.4.2.2',\n    sha512: '2.16.840.1.101.3.4.2.3',\n    sha224: '2.16.840.1.101.3.4.2.4',\n    'sha512-224': '2.16.840.1.101.3.4.2.5',\n    'sha512-256': '2.16.840.1.101.3.4.2.6',\n    md2: '1.2.840.113549.2.2',\n    md5: '1.2.840.113549.2.5',\n    data: '1.2.840.113549.1.7.1',\n    signedData: '1.2.840.113549.1.7.2',\n    envelopedData: '1.2.840.113549.1.7.3',\n    signedAndEnvelopedData: '1.2.840.113549.1.7.4',\n    digestedData: '1.2.840.113549.1.7.5',\n    encryptedData: '1.2.840.113549.1.7.6',\n    emailAddress: '1.2.840.113549.1.9.1',\n    unstructuredName: '1.2.840.113549.1.9.2',\n    contentType: '1.2.840.113549.1.9.3',\n    messageDigest: '1.2.840.113549.1.9.4',\n    signingTime: '1.2.840.113549.1.9.5',\n    counterSignature: '1.2.840.113549.1.9.6',\n    challengePassword: '1.2.840.113549.1.9.7',\n    unstructuredAddress: '1.2.840.113549.1.9.8',\n    extensionRequest: '1.2.840.113549.1.9.14',\n    friendlyName: '1.2.840.113549.1.9.20',\n    localKeyId: '1.2.840.113549.1.9.21',\n    x509Certificate: '1.2.840.113549.1.9.22.1',\n    keyBag: '1.2.840.113549.1.12.10.1.1',\n    pkcs8ShroudedKeyBag: '1.2.840.113549.1.12.10.1.2',\n    certBag: '1.2.840.113549.1.12.10.1.3',\n    crlBag: '1.2.840.113549.1.12.10.1.4',\n    secretBag: '1.2.840.113549.1.12.10.1.5',\n    safeContentsBag: '1.2.840.113549.1.12.10.1.6',\n    pkcs5PBES2: '1.2.840.113549.1.5.13',\n    pkcs5PBKDF2: '1.2.840.113549.1.5.12',\n    pbeWithSHAAnd128BitRC4: '1.2.840.113549.1.12.1.1',\n    pbeWithSHAAnd40BitRC4: '1.2.840.113549.1.12.1.2',\n    'pbeWithSHAAnd3-KeyTripleDES-CBC': '1.2.840.113549.1.12.1.3',\n    'pbeWithSHAAnd2-KeyTripleDES-CBC': '1.2.840.113549.1.12.1.4',\n    'pbeWithSHAAnd128BitRC2-CBC': '1.2.840.113549.1.12.1.5',\n    'pbewithSHAAnd40BitRC2-CBC': '1.2.840.113549.1.12.1.6',\n    hmacWithSHA1: '1.2.840.113549.2.7',\n    hmacWithSHA224: '1.2.840.113549.2.8',\n    hmacWithSHA256: '1.2.840.113549.2.9',\n    hmacWithSHA384: '1.2.840.113549.2.10',\n    hmacWithSHA512: '1.2.840.113549.2.11',\n    'des-EDE3-CBC': '1.2.840.113549.3.7',\n    'aes128-CBC': '2.16.840.1.101.3.4.1.2',\n    'aes192-CBC': '2.16.840.1.101.3.4.1.22',\n    'aes256-CBC': '2.16.840.1.101.3.4.1.42',\n    jurisdictionOfIncorporationStateOrProvinceName: '1.3.6.1.4.1.311.60.2.1.2',\n    jurisdictionOfIncorporationCountryName: '1.3.6.1.4.1.311.60.2.1.3',\n    nsCertType: '2.16.840.1.113730.1.1',\n    nsComment: '2.16.840.1.113730.1.13',\n    '2.5.29.1': 'authorityKeyIdentifier',\n    '2.5.29.2': 'keyAttributes',\n    '2.5.29.3': 'certificatePolicies',\n    '2.5.29.4': 'keyUsageRestriction',\n    '2.5.29.5': 'policyMapping',\n    '2.5.29.6': 'subtreesConstraint',\n    '2.5.29.7': 'subjectAltName',\n    '2.5.29.8': 'issuerAltName',\n    '2.5.29.9': 'subjectDirectoryAttributes',\n    '2.5.29.10': 'basicConstraints',\n    '2.5.29.11': 'nameConstraints',\n    '2.5.29.12': 'policyConstraints',\n    '2.5.29.13': 'basicConstraints',\n    subjectKeyIdentifier: '2.5.29.14',\n    keyUsage: '2.5.29.15',\n    subjectAltName: '2.5.29.17',\n    issuerAltName: '2.5.29.18',\n    basicConstraints: '2.5.29.19',\n    '2.5.29.20': 'cRLNumber',\n    '2.5.29.21': 'cRLReason',\n    '2.5.29.22': 'expirationDate',\n    '2.5.29.23': 'instructionCode',\n    '2.5.29.24': 'invalidityDate',\n    '2.5.29.25': 'cRLDistributionPoints',\n    '2.5.29.26': 'issuingDistributionPoint',\n    '2.5.29.27': 'deltaCRLIndicator',\n    '2.5.29.28': 'issuingDistributionPoint',\n    '2.5.29.29': 'certificateIssuer',\n    '2.5.29.30': 'nameConstraints',\n    cRLDistributionPoints: '2.5.29.31',\n    certificatePolicies: '2.5.29.32',\n    '2.5.29.33': 'policyMappings',\n    '2.5.29.34': 'policyConstraints',\n    authorityKeyIdentifier: '2.5.29.35',\n    '2.5.29.36': 'policyConstraints',\n    extKeyUsage: '2.5.29.37',\n    '2.5.29.46': 'freshestCRL',\n    '2.5.29.54': 'inhibitAnyPolicy',\n    timestampList: '1.3.6.1.4.1.11129.2.4.2',\n    authorityInfoAccess: '1.3.6.1.5.5.7.1.1',\n    serverAuth: '1.3.6.1.5.5.7.3.1',\n    clientAuth: '1.3.6.1.5.5.7.3.2',\n    codeSigning: '1.3.6.1.5.5.7.3.3',\n    emailProtection: '1.3.6.1.5.5.7.3.4',\n    timeStamping: '1.3.6.1.5.5.7.3.8'\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdoth-j%2Fcertificate-forger","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdoth-j%2Fcertificate-forger","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdoth-j%2Fcertificate-forger/lists"}