Testing-only Certificate Authority (CA) for your local development environment ONLY. This is in no way suitable for production of any kind.
This package will automatically create new keypairs as needed, with the CA cert lasting a year by default and the leaf certs 3 days by default.
Currently, there is NO SECURITY for the private keys. These should be stored in an OS-specific keychain one day.
npm install @cto.af/caFull API documentation is available.
Example:
import {createCert} from '@cto.af/ca';
import {createServer} from 'node:tls';
// This reads and writes files from a user-scoped config directory for
// the CA cert and cwd()/.cert for the certificate.
const {key, cert} = await createCert({
host: 'foo.local', // Default: 'localhost'
});
const server = createServer({key, cert}, () => {
// Handle connection
});A rudimentary CLI is provided.
Usage: cto-af-ca [options] [command]
Options:
-d,--dir <DIRECTORY> Directory for CA certs (default:
"[User config directory]/@cto.af/ca-nodejs")
-h, --help display help for command
-q,--quiet Less verbose
-v,--verbose More verbose
Commands:
cert [options] Create a cert signed by the CA
create [options] Create a CA certificate
dir Show directory for certs
list List exising certs by subject
rm <SUBJECT> Remove a CA cert by subject
help [command] display help for command
