Go：如何向 x509.Certificate 添加扩展名 (subjectAltName)？

我正在创建一个 CA 证书。我想添加带有一些值的 subjectAltName 扩展名，例如电子邮件或 crl 或公共证书位置等。package mainimport ( "crypto/rand" "crypto/rsa" "crypto/x509" "crypto/x509/pkix" "encoding/asn1" "encoding/pem" "fmt" "math/big" "os" "time" //"net" //"strconv")func main() { template := x509.Certificate{} template.Subject = pkix.Name{ Organization: []string{"domain.tld", "My Name"}, StreetAddress: []string{"Whatever. 123"}, PostalCode: []string{"12345"}, Province: []string{"Redneckville"}, Locality: []string{"Woods"}, Country: []string{"US"}, CommonName: "CA domain my name", } template.NotBefore = time.Now() template.NotAfter = template.NotBefore.Add(87658 * time.Hour) template.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCRLSign template.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth} template.IsCA = true template.BasicConstraintsValid = true extSubjectAltName := pkix.Extension{} extSubjectAltName.Id = asn1.ObjectIdentifier{2, 5, 29, 17} extSubjectAltName.Critical = false var e error extSubjectAltName.Value, e = asn1.Marshal([]string{`email:mail@domain.tld`, `URI:http://ca.domain.tld/`}) if e != nil { fmt.Println(e.Error()) return }当我这样做时，结果是X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment, Certificate Sign, CRL Sign X509v3 Extended Key Usage: TLS Web Client Authentication, TLS Web Server Authentication X509v3 Basic Constraints: critical CA:TRUE所以，但我希望像 X509v3 Subject Alternative Name: email:caoperator@disig.sk, URI:http://www.disig.sk/ca如何使用这些值添加扩展名？我也试过 Value: []byte(``email:my@email.com, URI:http://some.tld/uri``)< double "`" 因为格式化

查看完整描述

Go：如何向 x509.Certificate 添加扩展名 (subjectAltName)？

Go：如何向 x509.Certificate 添加扩展名 (subjectAltName)？

3 回答

添加回答

热搜

最近搜索清空

Go：如何向 x509.Certificate 添加扩展名 (subjectAltName)？

Go：如何向 x509.Certificate 添加扩展名 (subjectAltName)？

3 回答

添加回答