{"id":34976410,"url":"https://github.com/pvormste/certgen","last_synced_at":"2026-05-21T18:02:33.869Z","repository":{"id":326069465,"uuid":"1028965287","full_name":"pvormste/certgen","owner":"pvormste","description":null,"archived":false,"fork":false,"pushed_at":"2025-12-04T18:46:48.000Z","size":41,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-08T02:27:32.236Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pvormste.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-30T10:17:53.000Z","updated_at":"2025-12-04T18:46:51.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/pvormste/certgen","commit_stats":null,"previous_names":["pvormste/certgen"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/pvormste/certgen","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pvormste%2Fcertgen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pvormste%2Fcertgen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pvormste%2Fcertgen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pvormste%2Fcertgen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pvormste","download_url":"https://codeload.github.com/pvormste/certgen/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pvormste%2Fcertgen/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28065896,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-26T02:00:06.189Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-27T00:13:44.000Z","updated_at":"2025-12-27T00:13:44.589Z","avatar_url":"https://github.com/pvormste.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CertGen - Certificate Generator\n\nCertGen is a web-based tool for generating X.509 certificates for development and testing purposes. It provides an easy-to-use interface for creating Certificate Authority (CA) certificates and client/server certificates signed by a CA.\n\n## Features\n\n- Generate Certificate Authority (CA) certificates\n- Generate server certificates with DNS and IP address SANs\n- Generate client certificates\n- All certificates use ECDSA with P-384 curve for strong security\n- Configurable certificate attributes:\n  - Organization\n  - Common Name\n  - Country\n  - Locality\n  - Expiry period (in days)\n- Downloads certificates in ZIP format containing:\n  - Separate certificate file (`.crt`)\n  - Separate private key file (`.key`)\n  - Unified PEM file containing both certificate and private key (`.pem`)\n\n## Usage\n\n### Running with Go\n\n1. Start the server:\n   ```bash\n   go run main.go\n   ```\n   The server will start on port `80` by default.\n\n2. To run on a different port:\n   ```bash\n   go run main.go -addr :9595\n   # or using environment variable\n   PORT=9595 go run main.go\n   ```\n\n3. Open your web browser and navigate to `http://localhost` (or the port you configured)\n\n### Running with Docker\n\n#### Build the Docker image:\n```bash\ndocker build -t certgen .\n```\n\n#### Run the container:\n\n**On port 80 (default):**\n```bash\ndocker run -d -p 80:80 --name certgen certgen\n```\n\n**On port 443:**\n```bash\ndocker run -d -p 443:443 -e PORT=443 --name certgen certgen\n```\n\n**On a custom port (e.g., 9595):**\n```bash\ndocker run -d -p 9595:9595 -e PORT=9595 --name certgen certgen\n```\n\n**Run both HTTP and HTTPS (requires TLS setup with reverse proxy):**\n```bash\ndocker run -d -p 80:80 -p 443:443 --name certgen certgen\n```\n\nThe Docker image uses a multi-stage build:\n- **Build stage**: Uses `golang:1.25` to compile the application\n- **Runtime stage**: Uses `alpine:latest` for a minimal footprint (~15MB)\n- Runs as a non-root user for security\n- Includes CA certificates for HTTPS support\n\n### Using Certificates\n\n3. Generate certificates:\n   - First, create a CA certificate\n   - Download and save the CA certificate files\n   - Use the CA to sign new server or client certificates\n\n### Generating a CA Certificate\n\n1. Fill in the CA certificate details:\n   - Organization (e.g., \"My Company\")\n   - Common Name (e.g., \"My Company Root CA\")\n   - Country (e.g., \"US\")\n   - Locality (e.g., \"San Francisco\")\n   - Expiry Days (e.g., 365)\n\n2. Click \"Generate CA\" to create and download the CA certificate files\n\n### Generating Server/Client Certificates\n\n1. Upload your CA certificate (`.crt`) and private key (`.key`) files\n\n2. Fill in the certificate details:\n   - Organization\n   - Common Name (hostname for servers, username for clients)\n   - Country\n   - Locality\n   - Expiry Days\n   - Certificate Type (Server or Client)\n   - DNS Names (for server certificates)\n   - IP Addresses (for server certificates)\n\n3. Click \"Generate Certificate\" to create and download the certificate files\n\n## Certificate File Formats\n\nThe generated certificates are provided in multiple formats:\n\n### For CA Certificates:\n- `ca.crt` - The CA certificate in PEM format\n- `ca.key` - The CA private key in PEM format\n- `ca.pem` - A unified file containing both the CA certificate and private key\n\n### For Client/Server Certificates:\n- `[client|server].crt` - The leaf certificate in PEM format\n- `[client|server].key` - The private key in PEM format\n- `[client|server].pem` - A unified file containing both the leaf certificate and private key\n- `[client|server]-chain.pem` - Certificate chain containing the leaf certificate followed by the CA certificate (useful for validation)\n- `[client|server]-fullchain.pem` - Full chain containing the leaf certificate, CA certificate, and private key (convenient for some mTLS configurations)\n\n### When to Use Each Format\n\n- **`.crt` and `.key`**: When you need separate certificate and key files (common in many server configurations)\n- **`.pem`**: When you need certificate and key in a single file (convenient for many applications)\n- **`-chain.pem`**: When you need to present the full certificate chain for validation (required by some TLS clients)\n- **`-fullchain.pem`**: When you need everything in one file - certificate chain and private key (useful for some mTLS setups and load balancers)\n\n### Example Use Cases\n\n**Using chain files with curl:**\n```bash\n# Client authentication with full chain\ncurl --cert client-fullchain.pem --cacert ca.crt https://example.com\n\n# Server verification with chain\ncurl --cert client.pem --cacert server-chain.pem https://example.com\n```\n\n**Using with nginx:**\n```nginx\nssl_certificate /path/to/server-chain.pem;\nssl_certificate_key /path/to/server.key;\n```\n\n## Security Considerations\n\n- This tool is intended for development and testing purposes\n- Do not use generated certificates in production environments\n- Keep private keys secure and never share them\n- CA private keys are particularly sensitive as they can be used to sign new certificates\n\n## Development\n\n### Building from Source\n\n```bash\ngit clone https://github.com/pvormste/certgen.git\ncd certgen\ngo build\n```\n\n### Building Docker Image\n\n```bash\ndocker build -t certgen .\n```\n\n### Project Structure\n\n```\ncertgen/\n├── assets/\n│   ├── static/   # Static web assets\n│   └── templates/ # HTML templates\n├── internal/\n│   ├── certificate/ # Certificate generation logic\n│   └── server/     # HTTP server implementation\n├── Dockerfile      # Multi-stage Docker build\n└── main.go        # Application entry point\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpvormste%2Fcertgen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpvormste%2Fcertgen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpvormste%2Fcertgen/lists"}