hatter/yubikey-ca
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
fb04fc6b6ae7b8767a357a14f2e4e9959d43b8aa
yubikey-ca/yubikey-ca-java
History
Hatter Jiang fb04fc6b6a feat:update args util
2023-05-21 00:17:07 +08:00
..
src/main/java/me/hatter/tools/yubikeyca
feat:update args util
2023-05-21 00:17:07 +08:00
build.gradle
feat: generate keypair
2023-05-20 13:37:32 +08:00
build.json
feat: issue root/intermediate ca
2023-05-20 18:16:54 +08:00
README.md
feat: update readme
2023-05-20 19:09:13 +08:00

README.md

ENV:

  • CARD_CLI - Card cli command or full path, default card-cli
  • SIGN_REQUEST_SLOT - Sign request slot, default 82

Generate Keypair

$ java -jar yubikey-ca-java.jar --generate-keypair --keypair-type secp256r1

Issue ROOT CA

$ java -jar yubikey-ca-java.jar --issue-root-ca \
       --sign-slot 88 --subject 'CN=Hatter Yubikey EC Root CA' \
       --pin ****** \
       [--add-to-remote]

Issue Intermediate CA

$ java -jar yubikey-ca-java.jar --issue-intermediate-ca \
       --sign-slot 88 --subject 'CN=Hatter Yubikey EC Intermediate CA' \
       --cert-slot 89 --root-ca-id 39 \
       --pin ****** \
       [--add-to-remote]

Issue Server CA

$ java -jar yubikey-ca-java.jar --issue-server-ca \
       --sign-slot 89 --subject 'CN=hatter-test' \
       --intermediate-ca-id 40 --keypair-type secp256r1 \
       --dns-name a.example.com --dns-name b.example.com \
       --pin ****** \
       [--add-to-remote]

Issue Client CA

$ java -jar yubikey-ca-java.jar --issue-client-ca \
       --sign-slot 89 --subject 'CN=hatter-test' \
       --intermediate-ca-id 40 --keypair-type secp256r1 \
       --pin ****** \
       [--add-to-remote]
Reference in New Issue View Git Blame Copy Permalink