### Generate CA and Signed Key Pair for Testing Source: https://github.com/madflojo/testcerts/blob/main/README.md This snippet demonstrates generating a Certificate Authority (CA) and then using it to sign a key pair for a specific domain like 'localhost'. It also shows how to write these to files and start an HTTPS listener. A client configured with the CA's TLS config is also created for making HTTPS requests. ```go func TestFunc(t *testing.T) { // Generate Certificate Authority ca := testcerts.NewCA() go func() { // Create a signed Certificate and Key for "localhost" certs, err := ca.NewKeyPair("localhost") if err != nil { // do something } // Write certificates to a file err = certs.ToFile("/tmp/cert", "/tmp/key") if err { // do something } // Start HTTP Listener err = http.ListenAndServeTLS("localhost:443", "/tmp/cert", "/tmp/key", someHandler) if err != nil { // do something } }() // Create a client with the self-signed CA client := &http.Client{ Transport: &http.Transport{ TLSClientConfig: certs.ConfigureTLSConfig(ca.GenerateTLSConfig()), }, } // Make an HTTPS request r, _ := client.Get("https://localhost") } ``` -------------------------------- ### Generate TLS Configuration with CertificateAuthority Source: https://context7.com/madflojo/testcerts/llms.txt Use GenerateTLSConfig to create a tls.Config object suitable for both client and server TLS setups, including mTLS support. ```go package main import ( "crypto/tls" "fmt" "github.com/madflojo/testcerts" ) func main() { // Create a Certificate Authority ca := testcerts.NewCA() // Generate TLS config from CA tlsConfig := ca.GenerateTLSConfig() fmt.Printf("RootCAs configured: %v\n", tlsConfig.RootCAs != nil) fmt.Printf("ClientCAs configured: %v\n", tlsConfig.ClientCAs != nil) // Use for server requiring client certificates serverConfig := ca.GenerateTLSConfig() serverConfig.ClientAuth = tls.RequireAndVerifyClientCert // Use for client trusting the CA clientConfig := ca.GenerateTLSConfig() // Client will trust certificates signed by this CA } ``` -------------------------------- ### Configure TLS with Key Pair Source: https://context7.com/madflojo/testcerts/llms.txt Illustrates setting up mutual TLS (mTLS) for an HTTP server and client using generated key pairs and CA configurations. ```go package main import ( "crypto/tls" "fmt" "net/http" "time" "github.com/madflojo/testcerts" ) func main() { // Create CA and generate server/client key pairs ca := testcerts.NewCA() serverKP, err := ca.NewKeyPair("localhost") if err != nil { fmt.Printf("Error generating server key pair: %s\n", err) return } clientKP, err := ca.NewKeyPair() if err != nil { fmt.Printf("Error generating client key pair: %s\n", err) return } // Configure server TLS with mutual TLS (mTLS) serverTLSConfig, err := serverKP.ConfigureTLSConfig(ca.GenerateTLSConfig()) if err != nil { fmt.Printf("Error configuring server TLS: %s\n", err) return } serverTLSConfig.ClientAuth = tls.RequireAndVerifyClientCert // Write server certs to temp files certFile, keyFile, err := serverKP.ToTempFile("") if err != nil { fmt.Printf("Error creating temp files: %s\n", err) return } // Start HTTPS server with mTLS server := &http.Server{ Addr: "localhost:8443", TLSConfig: serverTLSConfig, Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello, mTLS!")) }), } go func() { server.ListenAndServeTLS(certFile.Name(), keyFile.Name()) }() time.Sleep(1 * time.Second) // Configure client TLS clientTLSConfig, err := clientKP.ConfigureTLSConfig(ca.GenerateTLSConfig()) if err != nil { fmt.Printf("Error configuring client TLS: %s\n", err) return } // Create HTTP client with mTLS client := &http.Client{ Transport: &http.Transport{ TLSClientConfig: clientTLSConfig, }, } // Make request resp, err := client.Get("https://localhost:8443") if err != nil { fmt.Printf("Request error: %s\n", err) return } defer resp.Body.Close() fmt.Printf("Response status: %s\n", resp.Status) server.Close() } ``` -------------------------------- ### Generate Signed Key Pairs Source: https://context7.com/madflojo/testcerts/llms.txt Demonstrates creating a Certificate Authority and generating key pairs for default or specific domains, including writing them to the filesystem. ```go package main import ( "fmt" "os" "github.com/madflojo/testcerts" ) func main() { // Create a Certificate Authority ca := testcerts.NewCA() // Generate a key pair for localhost (default includes 127.0.0.1 and ::1) kp, err := ca.NewKeyPair() if err != nil { fmt.Printf("Error generating key pair: %s\n", err) return } fmt.Printf("Default key pair generated, cert length: %d bytes\n", len(kp.PublicKey())) // Generate a key pair for specific domains kpDomains, err := ca.NewKeyPair("localhost", "example.com", "api.example.com") if err != nil { fmt.Printf("Error generating key pair: %s\n", err) return } // Write key pair to files err = kpDomains.ToFile("/tmp/cert.pem", "/tmp/key.pem") if err != nil { fmt.Printf("Error writing to file: %s\n", err) return } defer os.Remove("/tmp/cert.pem") defer os.Remove("/tmp/key.pem") fmt.Println("Key pair written to /tmp/cert.pem and /tmp/key.pem") } ``` -------------------------------- ### Generate Key Pairs with Advanced Configuration Source: https://context7.com/madflojo/testcerts/llms.txt Shows how to use KeyPairConfig to define custom domains, IP addresses, serial numbers, and expiration status for testing scenarios. ```go package main import ( "fmt" "math/big" "github.com/madflojo/testcerts" ) func main() { ca := testcerts.NewCA() // Generate key pair with full configuration config := testcerts.KeyPairConfig{ Domains: []string{"localhost", "example.com", "*.example.com"}, IPAddresses: []string{"127.0.0.1", "::1", "10.0.0.1"}, SerialNumber: big.NewInt(12345), CommonName: "My Test Certificate", Expired: false, // Set to true to create an expired certificate } kp, err := ca.NewKeyPairFromConfig(config) if err != nil { fmt.Printf("Error generating key pair: %s\n", err) return } // Access certificate details cert := kp.Cert() fmt.Printf("Common Name: %s\n", cert.Subject.CommonName) fmt.Printf("Serial Number: %v\n", cert.SerialNumber) fmt.Printf("DNS Names: %v\n", cert.DNSNames) fmt.Printf("IP Addresses: %v\n", cert.IPAddresses) // Generate an expired certificate for testing expiration handling expiredConfig := testcerts.KeyPairConfig{ Domains: []string{"expired.example.com"}, Expired: true, } expiredKP, err := ca.NewKeyPairFromConfig(expiredConfig) if err != nil { fmt.Printf("Error generating expired key pair: %s\n", err) return } expiredCert := expiredKP.Cert() fmt.Printf("Expired cert NotAfter: %v (in past: %v)\n", expiredCert.NotAfter, expiredCert.NotAfter.Before(time.Now())) } ``` -------------------------------- ### Write Certificate and Key to Files Source: https://context7.com/madflojo/testcerts/llms.txt Creates a self-signed x509 certificate and private key, writing them directly to specified file paths. Existing files will be overwritten. ```go package main import ( "fmt" "net/http" "github.com/madflojo/testcerts" ) func main() { // Generate certificates and write to files err := testcerts.GenerateCertsToFile("/tmp/server.cert", "/tmp/server.key") if err != nil { fmt.Printf("Error generating certificates to file: %s\n", err) return } // Use the certificates with an HTTPS server http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello, TLS!")) }) err = http.ListenAndServeTLS(":8443", "/tmp/server.cert", "/tmp/server.key", nil) if err != nil { fmt.Printf("Server error: %s\n", err) } } ``` -------------------------------- ### GenerateCertsToTempFile - Write Certificate and Key to Temporary Files Source: https://context7.com/madflojo/testcerts/llms.txt Creates a self-signed x509 certificate and private key in randomly named temporary files within the specified directory. Returns the file paths for the created certificate and key files. ```APIDOC ## GenerateCertsToTempFile ### Description Creates a self-signed x509 certificate and private key in randomly named temporary files within the specified directory. Returns the file paths for the created certificate and key files. ### Method Not applicable (Function call) ### Endpoint Not applicable (Function call) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```go package main import ( "fmt" "net/http" "os" "github.com/madflojo/testcerts" ) func main() { // Generate certificates to temp files in /tmp directory certPath, keyPath, err := testcerts.GenerateCertsToTempFile("/tmp/") if err != nil { fmt.Printf("Error generating temp certificates: %s\n", err) return } defer os.Remove(certPath) defer os.Remove(keyPath) fmt.Printf("Certificate file: %s\n", certPath) fmt.Printf("Key file: %s\n", keyPath) // Start HTTPS server with temp certificates go func() { http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello from temp certs!")) }) http.ListenAndServeTLS(":8443", certPath, keyPath, nil) }() } ``` ### Response #### Success Response (200) - **certPath** (string) - The file path to the generated temporary certificate. - **keyPath** (string) - The file path to the generated temporary private key. #### Response Example ```json { "certPath": "/tmp/cert12345.pem", "keyPath": "/tmp/key67890.pem" } ``` ``` -------------------------------- ### Generate Self-Signed Certificate and Key to Temp Files Source: https://github.com/madflojo/testcerts/blob/main/README.md Use this to create and write self-signed certificate and key files to temporary locations. Ensure to defer the removal of these files after use. ```go func TestFunc(t *testing.T) { // Create and write self-signed Certificate and Key to temporary files cert, key, err := testcerts.GenerateToTempFile("/tmp/") if err != nil { // do something } defer os.Remove(key) defer os.Remove(cert) // Start HTTP Listener with test certificates err = http.ListenAndServeTLS("127.0.0.1:443", cert, key, someHandler) if err != nil { // do something } } ``` -------------------------------- ### GenerateCertsToFile - Write Certificate and Key to Files Source: https://context7.com/madflojo/testcerts/llms.txt Creates a self-signed x509 certificate and private key and writes them directly to the specified file paths. Overwrites existing files if they exist. ```APIDOC ## GenerateCertsToFile ### Description Creates a self-signed x509 certificate and private key and writes them directly to the specified file paths. Overwrites existing files if they exist. ### Method Not applicable (Function call) ### Endpoint Not applicable (Function call) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```go package main import ( "fmt" "net/http" "github.com/madflojo/testcerts" ) func main() { // Generate certificates and write to files err := testcerts.GenerateCertsToFile("/tmp/server.cert", "/tmp/server.key") if err != nil { fmt.Printf("Error generating certificates to file: %s\n", err) return } // Use the certificates with an HTTPS server http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello, TLS!")) }) err = http.ListenAndServeTLS(":8443", "/tmp/server.cert", "/tmp/server.key", nil) if err != nil { fmt.Printf("Server error: %s\n", err) } } ``` ### Response #### Success Response (200) No explicit return value, success indicated by nil error. #### Response Example None ``` -------------------------------- ### Configure Key Pairs with KeyPairConfig Source: https://context7.com/madflojo/testcerts/llms.txt Define custom certificate parameters such as domains, IP addresses, and serial numbers, and validate the configuration before generation. ```go package main import ( "fmt" "math/big" "github.com/madflojo/testcerts" ) func main() { // Valid configuration with domains configDomains := testcerts.KeyPairConfig{ Domains: []string{"example.com", "*.example.com"}, } if err := configDomains.Validate(); err != nil { fmt.Printf("Validation error: %s\n", err) } // Valid configuration with IP addresses configIPs := testcerts.KeyPairConfig{ IPAddresses: []string{"127.0.0.1", "::1", "10.0.0.1"}, } if err := configIPs.Validate(); err != nil { fmt.Printf("Validation error: %s\n", err) } // Full configuration configFull := testcerts.KeyPairConfig{ Domains: []string{"localhost", "api.example.com"}, IPAddresses: []string{"127.0.0.1", "192.168.1.1"}, SerialNumber: big.NewInt(999), CommonName: "Test API Server", Expired: false, } // Get parsed IP addresses ips, err := configFull.IPNetAddresses() if err != nil { fmt.Printf("IP parse error: %s\n", err) return } fmt.Printf("Parsed IPs: %v\n", ips) // Empty config validation (returns ErrEmptyConfig) emptyConfig := testcerts.KeyPairConfig{} if err := emptyConfig.Validate(); err == testcerts.ErrEmptyConfig { fmt.Println("Empty config correctly rejected") } // Invalid IP validation (returns ErrInvalidIP) invalidConfig := testcerts.KeyPairConfig{ IPAddresses: []string{"not-an-ip"}, } if err := invalidConfig.Validate(); err == testcerts.ErrInvalidIP { fmt.Println("Invalid IP correctly rejected") } } ``` -------------------------------- ### Write Certificate and Key to Temporary Files Source: https://context7.com/madflojo/testcerts/llms.txt Generates a self-signed x509 certificate and private key into randomly named temporary files within a specified directory. Returns the file paths of the created files. ```go package main import ( "fmt" "net/http" "os" "github.com/madflojo/testcerts" ) func main() { // Generate certificates to temp files in /tmp directory certPath, keyPath, err := testcerts.GenerateCertsToTempFile("/tmp/") if err != nil { fmt.Printf("Error generating temp certificates: %s\n", err) return } defer os.Remove(certPath) defer os.Remove(keyPath) fmt.Printf("Certificate file: %s\n", certPath) fmt.Printf("Key file: %s\n", keyPath) // Start HTTPS server with temp certificates go func() { http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello from temp certs!")) }) http.ListenAndServeTLS(":8443", certPath, keyPath, nil) }() } ``` -------------------------------- ### Write CA Certificates to Files Source: https://context7.com/madflojo/testcerts/llms.txt Persist CA certificates and private keys to disk using either specific file paths or temporary files. ```go package main import ( "fmt" "os" "github.com/madflojo/testcerts" ) func main() { ca := testcerts.NewCA() // Write CA to specific files err := ca.ToFile("/tmp/ca.cert", "/tmp/ca.key") if err != nil { fmt.Printf("Error writing CA to file: %s\n", err) return } defer os.Remove("/tmp/ca.cert") defer os.Remove("/tmp/ca.key") fmt.Println("CA written to /tmp/ca.cert and /tmp/ca.key") // Write CA to temp files certFile, keyFile, err := ca.ToTempFile("") if err != nil { fmt.Printf("Error writing CA to temp file: %s\n", err) return } defer os.Remove(certFile.Name()) defer os.Remove(keyFile.Name()) fmt.Printf("CA temp cert: %s\n", certFile.Name()) fmt.Printf("CA temp key: %s\n", keyFile.Name()) } ``` -------------------------------- ### Generate Self-Signed Certificate and Key (Byte Slices) Source: https://context7.com/madflojo/testcerts/llms.txt Generates a self-signed x509 certificate and private key as PEM-encoded byte slices. Optionally include domain names for Subject Alternative Names. ```go package main import ( "fmt" "github.com/madflojo/testcerts" ) func main() { // Generate a basic self-signed certificate (no domains) cert, key, err := testcerts.GenerateCerts() if err != nil { fmt.Printf("Error generating certificates: %s\n", err) return } fmt.Printf("Certificate length: %d bytes\n", len(cert)) fmt.Printf("Key length: %d bytes\n", len(key)) // Generate certificate for specific domains certWithDomains, keyWithDomains, err := testcerts.GenerateCerts("example.com", "example.org", "localhost") if err != nil { fmt.Printf("Error generating certificates: %s\n", err) return } fmt.Printf("Certificate with domains: %d bytes\n", len(certWithDomains)) fmt.Printf("Key with domains: %d bytes\n", len(keyWithDomains)) } ``` -------------------------------- ### GenerateCerts - Generate Certificate and Key as Byte Slices Source: https://context7.com/madflojo/testcerts/llms.txt Generates a self-signed x509 certificate and private key, returning them as PEM-encoded byte slices. Optionally accepts domain names to include in the certificate's Subject Alternative Names. ```APIDOC ## GenerateCerts ### Description Generates a self-signed x509 certificate and private key, returning them as PEM-encoded byte slices. Optionally accepts domain names to include in the certificate's Subject Alternative Names. ### Method Not applicable (Function call) ### Endpoint Not applicable (Function call) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```go package main import ( "fmt" "github.com/madflojo/testcerts" ) func main() { // Generate a basic self-signed certificate (no domains) cert, key, err := testcerts.GenerateCerts() if err != nil { fmt.Printf("Error generating certificates: %s\n", err) return } fmt.Printf("Certificate length: %d bytes\n", len(cert)) fmt.Printf("Key length: %d bytes\n", len(key)) // Generate certificate for specific domains certWithDomains, keyWithDomains, err := testcerts.GenerateCerts("example.com", "example.org", "localhost") if err != nil { fmt.Printf("Error generating certificates: %s\n", err) return } fmt.Printf("Certificate with domains: %d bytes\n", len(certWithDomains)) fmt.Printf("Key with domains: %d bytes\n", len(keyWithDomains)) } ``` ### Response #### Success Response (200) - **cert** ([]byte) - PEM-encoded certificate as a byte slice. - **key** ([]byte) - PEM-encoded private key as a byte slice. #### Response Example ```json { "cert": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----" } ``` ``` -------------------------------- ### KeyPair.ConfigureTLSConfig Source: https://context7.com/madflojo/testcerts/llms.txt Configures a tls.Config with the key pair's certificate and private key. Can be used for both server and client TLS configurations. ```APIDOC ## KeyPair.ConfigureTLSConfig - Configure TLS with Key Pair ### Description Configures a tls.Config with the key pair's certificate and private key. Can be used for both server and client TLS configurations. ### Method Not applicable (This is a Go function call, not an HTTP endpoint) ### Endpoint Not applicable ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```go // Example usage within a Go program for server configuration ca := testcerts.NewCA() serverKP, err := ca.NewKeyPair("localhost") serverTLSConfig, err := serverKP.ConfigureTLSConfig(ca.GenerateTLSConfig()) serverTLSConfig.ClientAuth = tls.RequireAndVerifyClientCert // ... use serverTLSConfig for http.Server ... // Example usage within a Go program for client configuration clientKP, err := ca.NewKeyPair() clientTLSConfig, err := clientKP.ConfigureTLSConfig(ca.GenerateTLSConfig()) // ... use clientTLSConfig for http.Client ... ``` ### Response #### Success Response Returns a configured `*tls.Config` object. #### Response Example ```go // The returned object is a standard Go tls.Config // Example: // server := &http.Server{ // Addr: "localhost:8443", // TLSConfig: serverTLSConfig, // // ... other server options ... // } ``` ``` -------------------------------- ### Create a Certificate Authority Source: https://context7.com/madflojo/testcerts/llms.txt Creates a new self-signed Certificate Authority (CA) capable of signing key pairs for any domain. Provides methods to access the CA's certificate, certificate pool, public key, and private key. ```go package main import ( "crypto/tls" "fmt" "github.com/madflojo/testcerts" ) func main() { // Create a new Certificate Authority ca := testcerts.NewCA() // Access CA certificate details crt := ca.Cert() fmt.Printf("CA Organization: %s\n", crt.Subject.Organization[0]) fmt.Printf("CA Serial Number: %v\n", crt.SerialNumber) fmt.Printf("CA Is CA: %v\n", crt.IsCA) // Get PEM-encoded public and private keys publicKey := ca.PublicKey() privateKey := ca.PrivateKey() fmt.Printf("Public key length: %d bytes\n", len(publicKey)) fmt.Printf("Private key length: %d bytes\n", len(privateKey)) // Get certificate pool for TLS configuration crtPool := ca.CertPool() tlsConfig := &tls.Config{ RootCAs: crtPool, } fmt.Printf("TLS Config RootCAs configured: %v\n", tlsConfig.RootCAs != nil) } ``` -------------------------------- ### CertificateAuthority.ToFile and ToTempFile Source: https://context7.com/madflojo/testcerts/llms.txt Writes the Certificate Authority's certificate and private key to files or temporary files. ```APIDOC ## CertificateAuthority.ToFile and ToTempFile ### Description Writes the Certificate Authority's certificate and private key to files. ToFile writes to specified paths, while ToTempFile creates temporary files with random names. ### Request Example // Write CA to specific files err := ca.ToFile("/tmp/ca.cert", "/tmp/ca.key") // Write CA to temp files certFile, keyFile, err := ca.ToTempFile("") ``` -------------------------------- ### KeyPairConfig Source: https://context7.com/madflojo/testcerts/llms.txt Configuration structure for defining key pair generation parameters including domains, IPs, and serial numbers. ```APIDOC ## KeyPairConfig ### Description The KeyPairConfig structure provides fine-grained control over certificate generation, including domains, IP addresses, serial numbers, common names, and expired certificate generation for testing edge cases. ### Request Example config := testcerts.KeyPairConfig{ Domains: []string{"example.com"}, IPAddresses: []string{"127.0.0.1"}, CommonName: "Test API Server", } ``` -------------------------------- ### CertificateAuthority.NewKeyPairFromConfig Source: https://context7.com/madflojo/testcerts/llms.txt Creates a key pair with advanced configuration options including custom domains, IP addresses, serial numbers, common names, and the ability to generate expired certificates for testing. ```APIDOC ## CertificateAuthority.NewKeyPairFromConfig - Generate Key Pairs with Advanced Configuration ### Description Creates a key pair with advanced configuration options including custom domains, IP addresses, serial numbers, common names, and the ability to generate expired certificates for testing. ### Method Not applicable (This is a Go function call, not an HTTP endpoint) ### Endpoint Not applicable ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body - **config** (KeyPairConfig) - Required - Configuration object for generating the key pair. - **Domains** ([]string) - Optional - List of domain names for the certificate. - **IPAddresses** ([]string) - Optional - List of IP addresses for the certificate. - **SerialNumber** (*big.Int) - Optional - Custom serial number for the certificate. - **CommonName** (string) - Optional - The Common Name for the certificate. - **Expired** (bool) - Optional - If true, generates an expired certificate. ### Request Example ```go // Example usage within a Go program config := testcerts.KeyPairConfig{ Domains: []string{"localhost", "*.example.com"}, IPAddresses: []string{"127.0.0.1"}, SerialNumber: big.NewInt(12345), CommonName: "My Test Certificate", Expired: false, } ca := testcerts.NewCA() kp, err := ca.NewKeyPairFromConfig(config) // ... handle error and use kp ... ``` ### Response #### Success Response Returns a KeyPair object containing the certificate and private key. #### Response Example ```go // Accessing certificate details from the KeyPair object: cert := kp.Cert() fmt.Printf("Common Name: %s\n", cert.Subject.CommonName) fmt.Printf("Serial Number: %v\n", cert.SerialNumber) ``` ``` -------------------------------- ### NewCA - Create a Certificate Authority Source: https://context7.com/madflojo/testcerts/llms.txt Creates a new self-signed Certificate Authority that can sign key pairs for any domain. The CA includes methods to access its certificate, certificate pool, public key, and private key. ```APIDOC ## NewCA ### Description Creates a new self-signed Certificate Authority that can sign key pairs for any domain. The CA includes methods to access its certificate, certificate pool, public key, and private key. ### Method Not applicable (Function call) ### Endpoint Not applicable (Function call) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```go package main import ( "crypto/tls" "fmt" "github.com/madflojo/testcerts" ) func main() { // Create a new Certificate Authority ca := testcerts.NewCA() // Access CA certificate details cert := ca.Cert() fmt.Printf("CA Organization: %s\n", cert.Subject.Organization[0]) fmt.Printf("CA Serial Number: %v\n", cert.SerialNumber) fmt.Printf("CA Is CA: %v\n", cert.IsCA) // Get PEM-encoded public and private keys publicKey := ca.PublicKey() privateKey := ca.PrivateKey() fmt.Printf("Public key length: %d bytes\n", len(publicKey)) fmt.Printf("Private key length: %d bytes\n", len(privateKey)) // Get certificate pool for TLS configuration certPool := ca.CertPool() tlsConfig := &tls.Config{ RootCAs: certPool, } fmt.Printf("TLS Config RootCAs configured: %v\n", tlsConfig.RootCAs != nil) } ``` ### Response #### Success Response (200) - **ca** (*testcerts.CA) - A CA object with methods to retrieve its certificate, public key, private key, and certificate pool. #### Response Example ```json { "ca": { "cert": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----", "privateKey": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", "certPool": { /* internal representation of certificate pool */ }, "publicKey": "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----" } } ``` ``` -------------------------------- ### CertificateAuthority.GenerateTLSConfig Source: https://context7.com/madflojo/testcerts/llms.txt Generates a tls.Config object pre-configured with the Certificate Authority as both RootCAs and ClientCAs. ```APIDOC ## CertificateAuthority.GenerateTLSConfig ### Description Returns a tls.Config pre-configured with the Certificate Authority as both the RootCAs and ClientCAs, suitable for both server and client TLS configurations. ### Request Example ca := testcerts.NewCA() tlsConfig := ca.GenerateTLSConfig() ``` -------------------------------- ### CertificateAuthority.NewKeyPair Source: https://context7.com/madflojo/testcerts/llms.txt Generates a new key pair signed by the Certificate Authority for specified domains. The domains are included in the certificate's Subject Alternative Names (SANs). ```APIDOC ## CertificateAuthority.NewKeyPair - Generate Signed Key Pairs ### Description Generates a new key pair signed by the Certificate Authority for specified domains. The domains are included in the certificate's Subject Alternative Names (SANs). ### Method Not applicable (This is a Go function call, not an HTTP endpoint) ### Endpoint Not applicable ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```go // Example usage within a Go program ca := testcerts.NewCA() kp, err := ca.NewKeyPair("localhost", "example.com") // ... handle error and use kp ... ``` ### Response #### Success Response Returns a KeyPair object containing the certificate and private key. #### Response Example ```go // The KeyPair object has methods like PublicKey(), Cert(), PrivateKey(), ToFile(), ToTempFile() // Example of accessing public key length: // fmt.Printf("Public key length: %d bytes\n", len(kp.PublicKey())) ``` ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.