New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/tls: put generate_cert.go in its own executable #19900
Comments
Why is that? If you can |
Say I want to ask end users to run the generate_cert.go file to get local certs. With every other Go binary I check for it on the $PATH and Compare this in a Makefile:
with generate_cert:
go run "$$(go env GOROOT)/src/crypto/tls/generate_cert.go" The latter can break because GOROOT is not defined, GOROOT has multiple entries, the user doesn't have the Go standard library locally, etc. etc. |
@kevinburke I have nothing much to add except point you to a repo that I made a year ago; it does exactly what you want and I use it a lot locally https://github.com/odeke-em/ssg |
I have done this, literally in a makefile, and would agree it would be nice to have it as a seperate command. I am guessing it's like this because no one really wants to support it, since it just primarily used for testing? idk if putting it behind something similar to "httptest" to reflect that is the use would help with that matter. |
If only somebody in this thread had a github account. |
are you saying "just do it"
…On Tue, Apr 11, 2017 at 3:39 PM, Brad Fitzpatrick ***@***.***> wrote:
If only somebody in this thread had a github account.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#19900 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABYNbICPT7RAcGAI-LAF5sRS83RrvMwCks5ru9cHgaJpZM4M4LHu>
.
--
Jessie Frazelle
4096R / D4C4 DD60 0D66 F65A 8EFC 511E 18F3 685C 0022 BFF3
pgp.mit.edu <http://pgp.mit.edu/pks/lookup?op=get&search=0x18F3685C0022BFF3>
|
Emmanuel's already put this in a Github repo, if that's all we want to do. I guess my worry with that is missing out on a change to the code in If we moved this file to e.g. |
Once it's go-gettable, then people will keep asking for features. We already have And it would be the first "package main" in x/crypto. And the underscore might not be idiomatic. But if @agl as owner of x/crypto doesn't mind, sure. |
I don't think we have committed to writing a cert generation tool appropriate for production use. The generate_cert.go program is a simple program for writing tests. If we package up generate_cert.go, it implies more support than we are committed to at the moment. For production use, people can use openssl or any other generator explicitly targeted at that use. |
FYI |
@kevinburkeshyp we don't monitor closed issues, if that's still a problem, please open a new issue. |
Occasionally people recommend generating certificates for local use by running
go run crypto/tls/generate_cert.go
:It's a little difficult to get to this file though. It would be nice if it was installable as a binary, something like
go get golang.org/x/crypto/cmd/generate_cert
, maybe with some additional help documentation for the most common parameters to generate a certificate for local development.(In particular I'm interested in testing out the new HTTP2 server push code, which is only available locally if you serve TLS.)
The text was updated successfully, but these errors were encountered: