function create_default_certificates(done) {
var base_name = certificateDir;
var hostname = config.hostname;
console.log(" hostname = ", hostname);
var clientURN = makeApplicationUrn(hostname, "NodeOPCUA-Client");
var serverURN = makeApplicationUrn(hostname, "NodeOPCUA-Server");
var discoveryServerURN = makeApplicationUrn(hostname, "NodeOPCUA-DiscoveryServer");
var task1 = [
displayTitle.bind(null, "Create Application Certificate for Server & its private key"),
__create_default_certificates.bind(null, base_name, "client_", clientURN),
displayTitle.bind(null, "Create Application Certificate for Client & its private key"),
__create_default_certificates.bind(null, base_name, "server_", serverURN),
displayTitle.bind(null, "Create Application Certificate for DiscoveryServer & its private key"),
__create_default_certificates.bind(null, base_name, "discoveryServer_", discoveryServerURN)
];
async.series(task1, done);
}
function createCertificateFromCommandLine() {
//example : node bin\crypto_create_CA.js --new --selfSigned --applicationUri urn:localhost:MyProduct --prefix aa --force
assert(_.isString(argv.applicationUri));
// urn:COMPUTERNAME:PRODUCT
assert(argv.applicationUri.length < 64);
var options = {
applicationUri: argv.applicationUri || makeApplicationUrn(get_fully_qualified_domain_name(), "NodeOPCUA-Server")
};
assert(_.isString(argv.prefix));
options.prefix = argv.prefix;
options.privateKey = argv.privateKey;
options.selfSigned = argv.selfSigned;
createNewCertificate(options,function(){
console.log("Done ...");
});
}
/**
*
* @param options
* @param options.commonName {String}
* @param options.organization {String}
* @param options.organizationUnit {String}
* @param options.locality {String}
* @param options.state {String}
* @param options.country {String}
*
* @param options.applicationUri {Numbers}
* @param options.domainNames {Array<String>}
* @param options.ipAddresses {Array<String>}
* @param options.keySize {Numbers}
*
* @param options.startDate {Date}= today
* @param options.validity {Number} number of days for validation [15*360 =15 years]
* @param options.selfSigned {Boolean}
*
* @param options.prefix {String} "new_certificate";
*
* @param options.privateKey {String} the privateKey filename or null, if private key need to be generated
* @param callback {Function}
*/
function createNewCertificate(options,callback ) {
assert(_.isFunction(callback));
var tasks = [
install_prerequisite.bind(null),
find_openssl.bind(null),
construct_CertificateAuthority.bind(null)
];
var base_name = make_path(__dirname, "../certificates/");
// -----------------------------------------------------------------------------
// Subject
// -----------------------------------------------------------------------------
options.commonName = options.commonName || config.commonName;
options.organization = options.organization || config.organization;
options.organizationUnit = options.organizationUnit || config.organizationUnit;
options.locality = options.locality || config.locality;
options.state = options.state || config.state;
options.country = options.country || config.country;
assert(options.country.length === 2);
// -----------------------------------------------------------------------------
// OPCUA Information
// -----------------------------------------------------------------------------
options.applicationUri = options.applicationUri || makeApplicationUrn(hostname, "NodeOPCUA-Client");
options.domainNames = [
"localhost", "oursel.homenet.org"
];
options.ipAddresses = options.ipAddresses || [];
// -----------------------------------------------------------------------------
// Certificate settings
// -----------------------------------------------------------------------------
options.keySize = options.keySize || config.keySize; // bits
assert(options.keySize === 1024 || options.keySize === 2048 || options.keySize === 4096);
options.validity = options.validity || config.validity;
options.selfSigned = !!(options.selfSigned);
options.startDate = options.startDate || today;
assert(options.startDate instanceof Date);
assert(_.isNumber(options.validity));
var private_key;
if (options.privateKey) {
options.privateKey = make_path(process.cwd(),options.privateKey);
if (!fs.existsSync(options.privateKey)) {
throw new Error("Cannot find public key ",options.privateKey);
}
private_key = options.privateKey;
console.log(" reusing private key : ",private_key);
} else {
options.prefix = options.prefix || "new_certificate_XX";
private_key = make_path(base_name, options.prefix + "_private_key.pem");
tasks.push(createPrivateKey.bind(null, private_key, options.keySize));
}
var certificate = make_path(base_name, options.prefix + "_certificate.pem");
//xx getPublicKeyFromPrivateKey.bind(null, private_key, public_key),
tasks = tasks.concat([
_createCertificate.bind(null,options.selfSigned ,certificate, private_key,options.applicationUri,options.startDate,options.validity),
displayTitle.bind(null, " Result"),
function(callback) {
console.log(" private key : ",private_key.cyan);
//xx console.log(" public key : ", public_key.cyan);
console.log(" certificate : ",certificate.cyan);
callback();
}
]);
async.series(tasks, callback);
}