In this article we’ll cover creating and signing x509 Certificates in Golang. This exercise can be a helpful reference if you’re writing integration tests for web services which should test HTTPS functionality, or otherwise working on certificate handling code.
Create a Certificate Authority
In this article we’ll create and manage our own Certificate Authority (CA) locally to keep the examples here simple. Working with CAs locally will help prepare you for working with other public certificate authorities later.
Note that the field
IsCA is set to
true above indicating this certificate is a CA certificate.
We’ll generate a private key for the CA:
And create the certificate:
We’ll PEM Encode our certificate and private key for signing other certificates in upcoming steps:
Now we’re ready to use this CA.
Generate & Signing a Certificate
The next exercise is to create a certificate which our CA will sign: