我试图创建一个无需Powershell即可存储在证书存储中的自签名证书(包括私钥)。我可以使用C使用Windows API库,但我不熟悉它们的工作方式。我需要知道如何使用Go创建证书并将该证书存储在Windows上的证书存储中。
我尝试使用Go库构建证书,并尝试使用Windows API一点
certificate.PrivateKey, certificate.Err = rsa.GenerateKey(rand.Reader, 2048)
if certificate.Err != nil {
logger.Lg.Errorf(certificate.Err, "Failed to generate the private key")
return
}
var serialNumber *big.Int
notBefore := time.Now()
notAfter := notBefore.Add(365 * 24 * time.Hour)
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
serialNumber, certificate.Err = rand.Int(rand.Reader, serialNumberLimit)
if certificate.Err != nil {
logger.Lg.Errorf(certificate.Err, "Failed to generate the serial number")
return
}
template := x509.Certificate{
SerialNumber: serialNumber,
Subject: pkix.Name{
Organization: []string{""},
},
NotBefore: notBefore,
NotAfter: notAfter,
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true,
IsCA: true,
}
certificate.DerBytes, certificate.Err = x509.CreateCertificate(rand.Reader, &template, &template, &certificate.PrivateKey.PublicKey, certificate.PrivateKey)
if certificate.Err != nil {
logger.Lg.Errorf(certificate.Err, "Failed to create the certificate")
return
}
info, _ := pkcs12.Encode(rand.Reader, certificate.PrivateKey, &template, nil, "")
ioutil.WriteFile("a.pfx", info, 0644)
out := base64.StdEncoding.EncodeToString(info)
fmt.Println(out)