XiaoMo/anyproxy
1
0
Fork 0
mirror of https://github.com/alibaba/anyproxy.git synced 2025-06-07 01:38:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix the issue about duplicated cert serial number #70

Browse Source
This commit is contained in:
OttoMao 2016-06-06 00:05:55 +08:00
parent 0fb202ec4d
commit a925cbed55
2 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/certGenerator.js
View File

@ -7,11 +7,11 @@ var defaultAttrs = [
{ shortName: 'OU', value: 'AnyProxy SSL Proxy'} { shortName: 'OU', value: 'AnyProxy SSL Proxy'}
]; ];
function getKeysAndCert(){ function getKeysAndCert(serialNumber){
var keys = forge.pki.rsa.generateKeyPair(1024); var keys = forge.pki.rsa.generateKeyPair(1024);
var cert = forge.pki.createCertificate(); var cert = forge.pki.createCertificate();
cert.publicKey = keys.publicKey; cert.publicKey = keys.publicKey;
cert.serialNumber = '01'; cert.serialNumber = serialNumber || (Math.floor(Math.random() * 100000) + '');
cert.validity.notBefore = new Date(); cert.validity.notBefore = new Date();
cert.validity.notBefore.setFullYear(cert.validity.notBefore.getFullYear() - 10); // 10 years cert.validity.notBefore.setFullYear(cert.validity.notBefore.getFullYear() - 10); // 10 years
cert.validity.notAfter = new Date(); cert.validity.notAfter = new Date();
@ -56,15 +56,20 @@ function generateRootCA(){
} }
function generateCertsForHostname(domain, rootCAConfig){ function generateCertsForHostname(domain, rootCAConfig){
var keysAndCert = getKeysAndCert();
//generate a serialNumber for domain
var md = forge.md.md5.create();
md.update(domain);
var keysAndCert = getKeysAndCert(md.digest().toHex());
keys = keysAndCert.keys; keys = keysAndCert.keys;
cert = keysAndCert.cert; cert = keysAndCert.cert;
var caCert = forge.pki.certificateFromPem(rootCAConfig.cert) var caCert = forge.pki.certificateFromPem(rootCAConfig.cert);
var caKey = forge.pki.privateKeyFromPem(rootCAConfig.key) var caKey = forge.pki.privateKeyFromPem(rootCAConfig.key);
// issuer from CA // issuer from CA
cert.setIssuer(caCert.subject.attributes) cert.setIssuer(caCert.subject.attributes);
var attrs = defaultAttrs.concat([ var attrs = defaultAttrs.concat([
{ {

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "anyproxy", "name": "anyproxy",
"version": "3.10.2", "version": "3.10.3Beta1",
"description": "A fully configurable proxy in NodeJS, which can handle HTTPS requests perfectly.", "description": "A fully configurable proxy in NodeJS, which can handle HTTPS requests perfectly.",
"main": "proxy.js", "main": "proxy.js",
"bin": { "bin": {