Generate PKCS#10 certificate request
// Create certificate request with parameters from this page
var req = new gostCrypto.cert.Request({
subject: {
countryName: countryName.value,
stateOrProvinceName: stateOrProvinceName.value,
organizationalUnitName: organizationalUnitName.value,
organizationName: organizationName.value,
title: title.value,
commonName: commonName.value
}
});
req.generate(provider.value).then(function(key) {
// Output ready certification request
request.textContent = req.encode('PEM');
// Output ready private key
privateKey.textContent = key.encode('PEM');
}).catch(function(reason) {
alert(reason.message);
});
Issue certificate
try {
// Import root CA private key
var cakey = new gostCrypto.asn1.PrivateKeyInfo(certAndKeyCA.textContent);
// Import root CA certificate
var cacert = new gostCrypto.cert.X509(certAndKeyCA.textContent);
// Import the request
var req = new gostCrypto.cert.Request(request.textContent), cert;
// Verify the request
req.verify().then(function() {
// Create the new certificate
cert = new gostCrypto.cert.X509(req);
var notBefore = new Date();
notBefore.setHours(0, 0, 0, 0);
var notAfter = new Date(notBefore);
notAfter.setDate(notAfter.getDate() + parseInt(days.value || '365'));
cert.notBefore = notBefore;
cert.notAfter = notAfter;
// Sign the new certificate
return cert.sign(cakey, cacert);
}).then(function() {
// Output ready certificate
certificate.textContent = cert.encode('PEM') + '\r\n\r\n' + privateKey.textContent;
// Verify the issued certificate
return cert.verify(cacert);
}).catch(function(reason) {
alert(reason.message);
});
} catch(e) {
alert(e.message);
}