2015-01-19 20:20:47 +01:00
|
|
|
pkictl
|
|
|
|
======
|
|
|
|
|
|
|
|
Pkictl can be used to manage the lifecycle of keys and certificates.
|
|
|
|
|
|
|
|
Its main purpose is the creation of certificates and control through rules of the
|
|
|
|
certification process. But it can also be used to sign and verify messages based
|
|
|
|
on private/public keys.
|
|
|
|
|
|
|
|
The focus is on easy commands with clear error messages to make work for the admin
|
|
|
|
or user as easy as possible. But it can also be used in scripts to implement
|
|
|
|
automated workflows.
|
|
|
|
|
|
|
|
features
|
|
|
|
--------
|
|
|
|
|
|
|
|
The following commnds will be implemented:
|
|
|
|
|
|
|
|
* create private key (RSA or ECDSA)
|
|
|
|
* create public key based on private key
|
|
|
|
* sign a message using a private key
|
|
|
|
* verify a message using a public key
|
|
|
|
* create a certificate sign request using a private key (WIP)
|
|
|
|
* create a certificate using a CSR (not implemented)
|
|
|
|
* show information about a CSR/private key/... (not implemented)
|
|
|
|
* verify certificate against rules and CSR (not implemented)
|
|
|
|
|
|
|
|
Installation
|
|
|
|
------------
|
|
|
|
|
2015-07-24 22:02:39 +02:00
|
|
|
To build pkictl Go 1.4 is required.
|
|
|
|
|
2015-01-19 20:20:47 +01:00
|
|
|
The project can be built with
|
|
|
|
|
2015-07-24 12:32:16 +02:00
|
|
|
go get github.com/Gibheer/pkictl
|
2015-01-19 20:20:47 +01:00
|
|
|
|
2015-07-24 12:32:16 +02:00
|
|
|
which fetches all dependencies needed and builds the binary into your
|
|
|
|
$GOPATH/bin.
|
2015-01-19 20:20:47 +01:00
|
|
|
|
|
|
|
Usage
|
|
|
|
-----
|
|
|
|
|
|
|
|
### print all commands
|
|
|
|
|
|
|
|
To print all commands, use
|
|
|
|
|
|
|
|
# ./pkictl
|
|
|
|
Usage: pkictl command args
|
|
|
|
where 'command' is one of:
|
|
|
|
create-private create a new private key
|
|
|
|
create-public create a public key from a private one
|
|
|
|
create-cert-sign create a new certificate sign request
|
|
|
|
help show this help
|
|
|
|
info get info on a file
|
|
|
|
sign sign a certificate request
|
|
|
|
sign-input sign a message with a private key
|
|
|
|
verify-signature verify a signature
|
|
|
|
|
|
|
|
Print the help for a command:
|
|
|
|
|
|
|
|
./pkictl create-public --help
|
|
|
|
Usage of create-public:
|
|
|
|
-output="STDOUT": path where the generated public key should be stored
|
|
|
|
-private-key="": path to the private key file
|
|
|
|
|
|
|
|
Contributing
|
|
|
|
------------
|
|
|
|
|
|
|
|
The best way to contribute is to use [github.com/gibheer/pkictl](https://github.com/gibheer/pkictl).
|