var forge = require("node-forge");
/////////ROOT CERT////////////
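// Self-signed root CA for a throwaway test chain. The private key exists only
// in this process; the script prints the certificate, never the key.
var rootCert = forge.pki.createCertificate();
rootCert.serialNumber = '01';
// Valid from now for one year.
rootCert.validity.notBefore = new Date();
rootCert.validity.notAfter = new Date();
rootCert.validity.notAfter.setFullYear(rootCert.validity.notBefore.getFullYear() + 1);
var attrs = [
  { name: 'commonName', value: 'root' },
  { name: 'countryName', value: 'US' },
  { shortName: 'ST', value: 'Virginia' },
  { name: 'localityName', value: 'Blacksburg' },
  { name: 'organizationName', value: 'Test' },
  { shortName: 'OU', value: 'Test' },
];
// Self-signed: subject and issuer are the same name.
rootCert.setSubject(attrs);
rootCert.setIssuer(attrs);
// Without basicConstraints cA=true a path validator has no reason to accept
// this certificate as an issuer; keyUsage limits the key to signing
// certificates and CRLs.
rootCert.setExtensions([
  { name: 'basicConstraints', cA: true, critical: true },
  { name: 'keyUsage', keyCertSign: true, cRLSign: true, critical: true },
]);
var rootKeypair = forge.rsa.generateKeyPair({ bits: 2048, e: 0x10001 });
rootCert.publicKey = rootKeypair.publicKey;
// forge signs with SHA-1 when no digest is passed, so request SHA-256 explicitly.
rootCert.sign(rootKeypair.privateKey, forge.md.sha256.create());
var rootPem = forge.pki.certificateToPem(rootCert);
console.log("/////ROOT PEM", rootPem);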
/////////ROOT CERT/////////////
/////////INTERMEDIATE CERT/////
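// Intermediate CA: its own RSA key pair, issued and signed by the root key.
var intermediate = [
  { name: 'commonName', value: 'intermediate' },
  { name: 'countryName', value: 'US' },
  { shortName: 'ST', value: 'Virginia' },
  { name: 'localityName', value: 'Blacksburg' },
  { name: 'organizationName', value: 'Test' },
  { shortName: 'OU', value: 'Test' },
];
var intermediateKeypair = forge.rsa.generateKeyPair({ bits: 2048, e: 0x10001 });
// forge.pki.createCertificate() takes no arguments, so every field below is
// set on the returned object; an options object passed to it is ignored.
var intermediateCert = forge.pki.createCertificate();
intermediateCert.publicKey = intermediateKeypair.publicKey;
// The root's own certificate already carries serial '01' under the same issuer
// name, and a serial number must be unique per issuer.
intermediateCert.serialNumber = '02';
// A new forge certificate has notBefore == notAfter == creation time, which
// makes it expire immediately. Give it a one-year window.
intermediateCert.validity.notBefore = new Date();
intermediateCert.validity.notAfter = new Date();
intermediateCert.validity.notAfter.setFullYear(
  intermediateCert.validity.notBefore.getFullYear() + 1
);
intermediateCert.setSubject(intermediate);
intermediateCert.setIssuer(rootCert.subject.attributes);
// CA status comes from the basicConstraints extension, not from a constructor flag.
intermediateCert.setExtensions([
  { name: 'basicConstraints', cA: true, critical: true },
  { name: 'keyUsage', keyCertSign: true, cRLSign: true, critical: true },
]);
// forge signs with SHA-1 when no digest is passed, so request SHA-256 explicitly.
intermediateCert.sign(rootKeypair.privateKey, forge.md.sha256.create());
var intermediatePem = forge.pki.certificateToPem(intermediateCert);
console.log("/////INTERMEDIATE PEM", intermediatePem);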
/////////INTERMEDIATE CERT////
/////////ENTITY CERT /////////
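// End-entity (leaf) certificate, issued and signed by the intermediate CA key.
var entity = [
  { name: 'commonName', value: 'entity' },
  { name: 'countryName', value: 'US' },
  { shortName: 'ST', value: 'Virginia' },
  { name: 'localityName', value: 'Blacksburg' },
  { name: 'organizationName', value: 'Test' },
  { shortName: 'OU', value: 'Test' },
];
// node-forge's certificate encoder writes the subject key as an RSA
// SubjectPublicKeyInfo, so the raw byte buffers returned by
// forge.pki.ed25519.generateKeyPair() cannot be placed in the certificate.
// Use an RSA key pair like the rest of the chain.
var entityKeypair = forge.rsa.generateKeyPair({ bits: 2048, e: 0x10001 });
// forge.pki.createCertificate() takes no arguments, so every field below is
// set on the returned object; an options object passed to it is ignored.
var entityCert = forge.pki.createCertificate();
entityCert.publicKey = entityKeypair.publicKey;
entityCert.serialNumber = '01';
// A new forge certificate has notBefore == notAfter == creation time, which
// makes it expire immediately. Give it a one-year window.
entityCert.validity.notBefore = new Date();
entityCert.validity.notAfter = new Date();
entityCert.validity.notAfter.setFullYear(entityCert.validity.notBefore.getFullYear() + 1);
entityCert.setSubject(entity);
entityCert.setIssuer(intermediateCert.subject.attributes);
// Mark the leaf as a non-CA so it cannot be used to issue further certificates.
entityCert.setExtensions([
  { name: 'basicConstraints', cA: false, critical: true },
  { name: 'keyUsage', digitalSignature: true, keyEncipherment: true, critical: true },
]);
// forge signs with SHA-1 when no digest is passed, so request SHA-256 explicitly.
entityCert.sign(intermediateKeypair.privateKey, forge.md.sha256.create());
var entityPem = forge.pki.certificateToPem(entityCert);
// Print the PEM text, not the certificate object, under the entity label.
console.log("/////ENTITY PEM", entityPem);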
/////////ENTITY CERT /////////