Open vricosti opened 1 month ago
Try like this
import forge from 'node-forge';
import modPow from 'react-native-modpow';
forge.jsbn.BigInteger.prototype.modPow = function nativeModPow(e, m) {
const result = modPow({
target: this.toString(16),
value: e.toString(16),
modifier: m.toString(16),
});
return new forge.jsbn.BigInteger(result, 16);
};
export async function createX509Certificate(subjectName) {
return new Promise((resolve, reject) => {
// Create a new key pair
const certificateKey = forge.pki.rsa.generateKeyPair({
bits: 2048,
e: 65537,
});
const csr = forge.pki.createCertificationRequest();
csr.publicKey = certificateKey.publicKey;
// Set subject with just the Common Name
csr.setSubject([{name: 'commonName', value: `${subjectName}`}]);
// Add key usage extension
csr.addAttribute({
name: 'extensionRequest',
extensions: [
{
name: 'keyUsage',
digitalSignature: true,
keyEncipherment: true,
},
],
});
// Add basic constraints extension
csr.addAttribute({
name: 'extensionRequest',
extensions: [
{
name: 'basicConstraints',
cA: false,
},
],
});
// Add extended key usage extension
csr.addAttribute({
name: 'extensionRequest',
extensions: [
{
name: 'extKeyUsage',
serverAuth: true,
clientAuth: true,
},
],
});
// Sign the CSR with the private key
csr.sign(certificateKey.privateKey);
// Convert the CSR to PEM format
let certificate = forge.pki.certificationRequestToPem(csr);
// remove all the line break
// certificate = certificate.replace(/(\r\n|\n|\r)/gm, '');
// // remove -----BEGIN CERTIFICATE REQUEST----- & -----END CERTIFICATE REQUEST-----
// certificate = certificate.substring(35, certificate.length - 33);
console.log({certificate, certificateKey});
resolve({certificate, certificateKey});
});
}
Hi,
I am using forge to create a self-signed certificate but I would like to add subjectAltName property, in openssl we can do it by passing the -addext "subjectAltName = IP.1:1.2.3.4".
Do I need to add inside attributes ?