certify
Simplified functions to create a CA, CSR, CRL, and certificates. Also easy viewing, verifying of existing certificates.Installation
dagger install github.com/marvinmartian/daggerverse/certify@v0.1.1Entrypoint
Return Type
CertifyExample
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
func (m *myModule) example() *Certify {
return dag.
Certify()
}@function
def example() -> dag.Certify:
return (
dag.certify()
)@func()
example(): Certify {
return dag
.certify()
}Types
Certify 🔗
build() 🔗
Build the base images
Return Type
Container !Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
buildfunc (m *myModule) example() *Container {
return dag.
Certify().
Build()
}@function
def example() -> dagger.Container:
return (
dag.certify()
.build()
)@func()
example(): Container {
return dag
.certify()
.build()
}base() 🔗
Build the base images
Return Type
Container !Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
basefunc (m *myModule) example() *Container {
return dag.
Certify().
Base()
}@function
def example() -> dagger.Container:
return (
dag.certify()
.base()
)@func()
example(): Container {
return dag
.certify()
.base()
}ca() 🔗
A utility to bootstrap your own certificate authority and public key infrastructure
Return Type
CertStrap !Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
cafunc (m *myModule) example() *CertifyCertStrap {
return dag.
Certify().
Ca()
}@function
def example() -> dag.CertifyCertStrap:
return (
dag.certify()
.ca()
)@func()
example(): CertifyCertStrap {
return dag
.certify()
.ca()
}view() 🔗
A utility to examine and validate certificates to help with debugging SSL/TLS issues
Return Type
Certigo !Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
viewfunc (m *myModule) example() *CertifyCertigo {
return dag.
Certify().
View()
}@function
def example() -> dag.CertifyCertigo:
return (
dag.certify()
.view()
)@func()
example(): CertifyCertigo {
return dag
.certify()
.view()
}CertStrap 🔗
container() 🔗
Return Type
Container !Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
ca \
containerfunc (m *myModule) example() *Container {
return dag.
Certify().
Ca().
Container()
}@function
def example() -> dagger.Container:
return (
dag.certify()
.ca()
.container()
)@func()
example(): Container {
return dag
.certify()
.ca()
.container()
}init() 🔗
Create Certificate Authority, including certificate, key and extra information file.
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| passphrase | Secret | - | Passphrase to encrypt private key PEM block |
| bits | String | "4096" | Size (in bits) of RSA keypair to generate (example: 4096) (default: 4096) |
| curve | String | - | Elliptic curve name. Must be one of P-521, Ed25519, P-224, P-256, P-384. |
| expires | String | - | How long until the certificate expires (example: 1 year 2 days 3 months 4 hours) (default: "18 months") |
| organization | String | "SomeOrg" | Sets the Organization (O) field of the certificate |
| organizationalUnit | String | - | Sets the Organizational Unit (OU) field of the certificate |
| country | String | - | Sets the Country (C) field of the certificate |
| commonName | String | "SomeCert" | Sets the Common Name (CN) field of the certificate |
| province | String | - | Sets the State/Province (ST) field of the certificate |
| locality | String | - | Sets the Locality (L) field of the certificate |
Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
ca \
initfunc (m *myModule) example() *Directory {
return dag.
Certify().
Ca().
Init()
}@function
def example() -> dagger.Directory:
return (
dag.certify()
.ca()
.init()
)@func()
example(): Directory {
return dag
.certify()
.ca()
.init()
}request() 🔗
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| fileDir | Directory | - | Directory containing any previously generated CA,csr,crl,etc files |
| passphrase | Secret | - | Passphrase to encrypt private key PEM block |
| bits | String | "4096" | Size (in bits) of RSA keypair to generate (example: 4096) (default: 4096) |
| curve | String | - | Elliptic curve name. Must be one of P-521, Ed25519, P-224, P-256, P-384. |
| expires | String | - | How long until the certificate expires (example: 1 year 2 days 3 months 4 hours) (default: "18 months") |
| organization | String | - | Sets the Organization (O) field of the certificate |
| organizationalUnit | String | - | Sets the Organizational Unit (OU) field of the certificate |
| country | String | - | Sets the Country (C) field of the certificate |
| commonName | String ! | - | Sets the Common Name (CN) field of the certificate |
| province | String | - | Sets the State/Province (ST) field of the certificate |
| locality | String | - | Sets the Locality (L) field of the certificate |
| ip | String | - | IP addresses to add as subject alt name (comma separated) |
| domain | String | - | DNS entries to add as subject alt name (comma separated) |
| uri | String | - | URI values to add as subject alt name (comma separated) |
Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
ca \
request --common-name stringfunc (m *myModule) example(commonName string) *Directory {
return dag.
Certify().
Ca().
Request(commonName)
}@function
def example(common_name: str) -> dagger.Directory:
return (
dag.certify()
.ca()
.request(common_name)
)@func()
example(commonName: string): Directory {
return dag
.certify()
.ca()
.request(commonName)
}sign() 🔗
Sign certificate request with CA, and generate certificate for the host.
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| hostName | String ! | - | Host name for certificate |
| fileDir | Directory | - | Directory containing any previously generated CA,csr,crl,etc files |
| passphrase | Secret | - | Passphrase to encrypt private key PEM block |
| expires | String | "2 years" | How long until the certificate expires (example: 1 year 2 days 3 months 4 hours) (default: "18 months") |
| ca | String ! | - | Name of CA to issue cert with |
| csr | String | - | Path to certificate request PEM file |
| cert | String | - | Path to certificate output PEM file |
| intermediate | Boolean | - | Whether generated certificate should be a intermediate |
Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
ca \
sign --host-name string --ca stringfunc (m *myModule) example(hostName string, ca string) *Directory {
return dag.
Certify().
Ca().
Sign(hostName, ca)
}@function
def example(host_name: str, ca: str) -> dagger.Directory:
return (
dag.certify()
.ca()
.sign(host_name, ca)
)@func()
example(hostName: string, ca: string): Directory {
return dag
.certify()
.ca()
.sign(hostName, ca)
}Certigo 🔗
container() 🔗
Return Type
Container !Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
view \
containerfunc (m *myModule) example() *Container {
return dag.
Certify().
View().
Container()
}@function
def example() -> dagger.Container:
return (
dag.certify()
.view()
.container()
)@func()
example(): Container {
return dag
.certify()
.view()
.container()
}cert() 🔗
Display information about a certificate from a file
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| cert | File ! | - | Certificate File |
| passphrase | Secret | - | Password for PKCS12/JCEKS key stores |
| pem | Boolean | - | Write output as PEM blocks instead of human-readable format. |
| jsonFormat | Boolean | - | Write output as machine-readable JSON format. |
| first | Boolean | - | Only display the first certificate. This flag can be paired with --json or --pem. |
Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
view \
cert --cert file:pathfunc (m *myModule) example(ctx context.Context, cert *File) string {
return dag.
Certify().
View().
Cert(ctx, cert)
}@function
async def example(cert: dagger.File) -> str:
return await (
dag.certify()
.view()
.cert(cert)
)@func()
async example(cert: File): Promise<string> {
return dag
.certify()
.view()
.cert(cert)
}verify() 🔗
Verify a certificate chain from file
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| cert | File ! | - | Certificate File |
| passphrase | Secret | - | Password for PKCS12/JCEKS key stores |
| name | String ! | - | Server name to verify certificate against |
| ca | File | - | Path to CA bundle (system default if unspecified). |
| format | String | - | Format of given input (PEM, DER, JCEKS, PKCS12; heuristic if missing). |
| jsonFormat | Boolean | - | Write output as machine-readable JSON format. |
Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
view \
verify --cert file:path --name stringfunc (m *myModule) example(ctx context.Context, cert *File, name string) string {
return dag.
Certify().
View().
Verify(ctx, cert, name)
}@function
async def example(cert: dagger.File, name: str) -> str:
return await (
dag.certify()
.view()
.verify(cert, name)
)@func()
async example(cert: File, name: string): Promise<string> {
return dag
.certify()
.view()
.verify(cert, name)
}connect() 🔗
Connect to a server and print its certificate(s).
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| server | String ! | - | Server address to connect to |
| port | String ! | "443" | Server port to connect to |
| name | String | - | Server name to verify certificate against |
| ca | File | - | Path to CA bundle (system default if unspecified). |
| certFile | File | - | Certificate File |
| key | File | - | Private key for client certificate, if not in same file (PEM). |
| startTls | String | - | Enable StartTLS protocol ('ldap', 'mysql', 'postgres', 'smtp' or 'ftp'). |
| identity | String | - | With --start-tls, sets the DB user or SMTP EHLO name. |
| proxy | String | - | Optional URI for HTTP(s) CONNECT proxy to dial connections with. |
| timeout | String | - | Timeout for connecting to remote server (can be '5m', '1s', etc). |
| pem | Boolean | - | Write output as PEM blocks instead of human-readable format. |
| jsonFormat | Boolean | - | Write output as machine-readable JSON format. |
| first | Boolean | - | Only display the first certificate. This flag can be paired with --json or --pem. |
| verify | Boolean | - | Verify certificate chain. |
| expectedName | String | - | Name expected in the server TLS certificate. Defaults to name from SNI or, if SNI not overridden, the hostname to connect to. |
Example
dagger -m github.com/marvinmartian/daggerverse/certify@7fe135b9cd4c32d659f669fba7376dddbfb66ba0 call \
view \
connect --server string --port stringfunc (m *myModule) example(ctx context.Context, server string, port string) string {
return dag.
Certify().
View().
Connect(ctx, server, port)
}@function
async def example(server: str, port: str) -> str:
return await (
dag.certify()
.view()
.connect(server, port)
)@func()
async example(server: string, port: string): Promise<string> {
return dag
.certify()
.view()
.connect(server, port)
}