Is there any easy way to get the complete subject DN (or issuer DN) from an x509 certificate in go as a string?
I was not able to find any methods like ".String()" in pkix.Name
5条回答 默认 最新
duankuang7928 2016-08-25 06:26关注Solution (thanks to a colleague):
var oid = map[string]string{ "2.5.4.3": "CN", "2.5.4.4": "SN", "2.5.4.5": "serialNumber", "2.5.4.6": "C", "2.5.4.7": "L", "2.5.4.8": "ST", "2.5.4.9": "streetAddress", "2.5.4.10": "O", "2.5.4.11": "OU", "2.5.4.12": "title", "2.5.4.17": "postalCode", "2.5.4.42": "GN", "2.5.4.43": "initials", "2.5.4.44": "generationQualifier", "2.5.4.46": "dnQualifier", "2.5.4.65": "pseudonym", "0.9.2342.19200300.100.1.25": "DC", "1.2.840.113549.1.9.1": "emailAddress", "0.9.2342.19200300.100.1.1": "userid", } func getDNFromCert(namespace pkix.Name, sep string) (string, error) { subject := []string{} for _, s := range namespace.ToRDNSequence() { for _, i := range s { if v, ok := i.Value.(string); ok { if name, ok := oid[i.Type.String()]; ok { // <oid name>=<value> subject = append(subject, fmt.Sprintf("%s=%s", name, v)) } else { // <oid>=<value> if no <oid name> is found subject = append(subject, fmt.Sprintf("%s=%s", i.Type.String(), v)) } } else { // <oid>=<value in default format> if value is not string subject = append(subject, fmt.Sprintf("%s=%v", i.Type.String, v)) } } } return sep + strings.Join(subject, sep), nil }calling the function:
subj, err := getDNFromCert(x509Cert.Subject, "/") if err != nil { // do error handling } fmt.Println(subj)output (example):
/C=US/O=some organization/OU=unit/CN=common namethis seems to be the only "easy" solution
解决 无用评论 打赏举报
分享
- 2017-03-02 15:44回答 2 已采纳 If I properly understood what you are trying to do, then answer is simple. Your certificate inclu
- 2019-05-08 09:59回答 1 已采纳 If your signing request is in the DER format there's a couple of functions in the standard library
- 2015-11-18 20:25回答 2 已采纳 The crypto/tls package contains a file called generate_cert.go which shows the proper and idiomati
- 2022-03-21 00:30youngZ_H的博客 文章目录x509证书1. 概述2. x509证书结构2.1 证书扩展字段(X509v3 extensions)2.1.1 Key Usage2.1.2 Extended Key Usage2.1.3 Basic Constraints2.1.4 Subject Key Identifier2.1.5 Subject Alternative Name3. 证书...
- 2017-05-06 16:42回答 1 已采纳 If you want to generate your own certificate and private key, you have to do: 1.- Generate privat
- 2019-02-28 17:01回答 1 已采纳 The response has a TLS *tls.ConnectionState field, which in turn has: type ConnectionState struct
- 2017-12-09 23:01回答 1 已采纳 You need to do two things: add the CA certificate on the server side as well, the CA needs to be
- 2022-07-02 12:14田土豆的博客 环境: ...有了私钥后,就可以创建(csr,证书请求文件)。使用私钥对csr进行(签名),同时csr中包含与私钥对应的公钥使用 一般来说,交互时直接敲就行,表示使用默认值;如果想某些字段为空,可以输
- 2016-08-08 06:45回答 2 已采纳 You need to add CA of your certificate to your transport like: package main import ( "crypto
- 2017-02-15 22:17回答 1 已采纳 No, as @JimB told you, TLS can't work without certificates. The reasoning is simple: TLS is all a
- 2017-11-09 06:58回答 1 已采纳 You can use peer.Peer from ctx context.Context for access to the OID registry in x509.Certificate.
- 2017-06-05 19:50weixin_34419326的博客 证书签发涉及到了非对称加密方面的知识,这里介绍使用golang中的x509标准库进行证书自签发,还有证书签发后如何使用golang进行双向认证. 自签发证书 生成根证书 根证书是CA认证中心给自己颁发的证书,是信任链的起始点....
- 2018-04-17 11:09回答 1 已采纳 You don't make clear how much you don't (or do) understand. To start from the basics: ASN.1 (Abst
- 2021-04-19 20:06三雷科技的博客 由CA签发,证明证书持有人身份的,包含证书持有人公钥,及其他认证信息(DN)的实体。 证书 = 元数据(信息)+签名密文(对信息的摘要,使用CA私钥加密) 证书内容 证书的版本信息 证书的序列号,每个证书都有一个...
- 2022-07-28 16:24At小小程序媛的博客 package crypto import ( "crypto" "crypto/rand" "crypto/rsa" "crypto/x509" "encoding/base64" "encoding/pem" "errors" ) // RsaEncryptWithSha1AndBase64 RSA1 私钥加签 func RsaEncryptWithSha1AndBase...
- 没有解决我的问题, 去提问
悬赏问题
- ¥30 线性代数的问题,我真的忘了线代的知识了
- ¥15 有谁能够把华为matebook e 高通骁龙850刷成安卓系统,或者安装安卓系统
- ¥188 需要修改一个工具,懂得汇编的人来。
- ¥15 livecharts wpf piechart 属性
- ¥20 数学建模,尽量用matlab回答,论文格式
- ¥15 昨天挂载了一下u盘,然后拔了
- ¥30 win from 窗口最大最小化,控件放大缩小,闪烁问题
- ¥20 易康econgnition精度验证
- ¥15 msix packaging tool打包问题
- ¥28 微信小程序开发页面布局没问题,真机调试的时候页面布局就乱了