Pell-Mell on Setting Up a Solid Server on Windows

rimmartin · November 26, 2018, 12:08pm

self_certify.js

var fs = require('fs');
var forge = require('node-forge');

var pki = forge.pki;

// generate a keypair and create an X.509v3 certificate
var keys = pki.rsa.generateKeyPair(2048);
var cert = pki.createCertificate();
cert.publicKey = keys.publicKey;
// alternatively set public key from a csr
//cert.publicKey = csr.publicKey;
// NOTE: serialNumber is the hex encoded value of an ASN.1 INTEGER.
// Conforming CAs should ensure serialNumber is:
// - no more than 20 octets
// - non-negative (prefix a '00' if your value starts with a '1' bit)
cert.serialNumber = '01';
cert.validity.notBefore = new Date();
cert.validity.notAfter = new Date();
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
var attrs = [{
  name: 'commonName',
  value: 'localhost'
}, {
  name: 'countryName',
  value: 'US'
}, {
  shortName: 'ST',
  value: 'Pensylvania'
}, {
  name: 'localityName',
  value: 'State College'
}, {
  name: 'organizationName',
  value: 'PMC'
}, {
  shortName: 'OU',
  value: 'pmc'
}];
cert.setSubject(attrs);
// alternatively set subject from a csr
//cert.setSubject(csr.subject.attributes);
cert.setIssuer(attrs);
cert.setExtensions([{
  name: 'basicConstraints',
  cA: true
}, {
  name: 'keyUsage',
  keyCertSign: true,
  digitalSignature: true,
  nonRepudiation: true,
  keyEncipherment: true,
  dataEncipherment: true
}, {
  name: 'extKeyUsage',
  serverAuth: true,
  clientAuth: true,
  codeSigning: true,
  emailProtection: true,
  timeStamping: true
}, {
  name: 'nsCertType',
  client: true,
  server: true,
  email: true,
  objsign: true,
  sslCA: true,
  emailCA: true,
  objCA: true
}, {
  name: 'subjectAltName',
  altNames: [{
    type: 6, // URI
    value: 'http://localhost/webid#me'
  }, {
    type: 7, // IP
    ip: '127.0.0.1'
  }]
}, {
  name: 'subjectKeyIdentifier'
}]);
/* alternatively set extensions from a csr
var extensions = csr.getAttribute({name: 'extensionRequest'}).extensions;
// optionally add more extensions
extensions.push.apply(extensions, [{
  name: 'basicConstraints',
  cA: true
}, {
  name: 'keyUsage',
  keyCertSign: true,
  digitalSignature: true,
  nonRepudiation: true,
  keyEncipherment: true,
  dataEncipherment: true
}]);
cert.setExtensions(extensions);
*/
// self-sign certificate
cert.sign(keys.privateKey);

// convert a Forge certificate to PEM
var pem = pki.certificateToPem(cert);

// convert a Forge private key to PEM-format
var pemKey = pki.privateKeyToPem(keys.privateKey);


fs.writeFile('pmc.cert', pem, {encoding: null}, (err) =>{});
fs.writeFile('pmc.key', pemKey, {encoding: null}, (err) =>{});

needs your location and names filled.

call "%NODE_HOME%\node" self_certify.js

Topic		Replies	Views
Solid Server on Windows Solid: The Basics	13	3686	July 21, 2019
Symptom: Access to Main ("index") Page Denied for Owner's WebID When Setting Up a Solid Server on a Windows Machine Server Administration	23	6477	November 26, 2018
Hit a wall with SSL certification on single user servers Instructions	2	2104	November 8, 2018
Server self-hosting setup issues Self Host a Solid Pod	14	1534	November 21, 2024
POD-Providers / How-To	7	1045	April 29, 2019

Pell-Mell on Setting Up a Solid Server on Windows

Related topics