Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
quick CA server

create a CA and generate keys

# pull container for
docker pull groob/certified:latest
# create CA and intermediary CA; will prompty you for a password
docker run --rm -it --name certified -v $(pwd)/certs:/certified/etc -e GIT_USER=groob -e groob/certified certified-ca C="US" ST="NY" L="New York" O="Example" CN="groob-ca"
# create server cert
docker run --rm -it --name certified -v $(pwd)/certs:/certified/etc -e GIT_USER=groob -e groob/certified certified CN=""
# create cert chain as server.crt
cat certs/ssl/certs/ certs/ssl/certs/ca.crt certs/ssl/certs/root-ca.crt > server.crt
# copy the private key
cp certs/ssl/private/ server.key

# add root-ca.crt to os x system keychain trusted roots
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" certs/ssl/certs/root-ca.crt

build a go server

package main

import (

func handle(w http.ResponseWriter, r *http.Request) {
	dump, err := httputil.DumpRequest(r, true)
	if err != nil {

func main() {
	certPath := "server.crt"
	keyPath := "server.key"
	http.HandleFunc("/", handle)
	log.Fatal(http.ListenAndServeTLS(":8000", certPath, keyPath, nil))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment