fastify Architecture Docs
Home / Function/ selfCert() — fastify Function Reference

selfCert() — fastify Function Reference

Architecture documentation for the selfCert() function in build-certificate.js from the fastify codebase.

Function javascript CoreKernel LifecycleManager called by 1

Entity Profile

Dependency Diagram

graph TD
  c96626c3_57b3_1f8a_3e70_ae4d1db7b7ba["selfCert()"]
  74a911e6_93f4_16a0_0111_b6a686d9563a["build-certificate.js"]
  c96626c3_57b3_1f8a_3e70_ae4d1db7b7ba -->|defined in| 74a911e6_93f4_16a0_0111_b6a686d9563a
  a86c4ff3_dd96_13eb_da57_24a38fde157e["buildCertificate()"]
  a86c4ff3_dd96_13eb_da57_24a38fde157e -->|calls| c96626c3_57b3_1f8a_3e70_ae4d1db7b7ba
  style c96626c3_57b3_1f8a_3e70_ae4d1db7b7ba fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

test/build-certificate.js lines 7–92

function selfCert (opts) {
  const options = opts || {}
  const log = opts.logger || require('abstract-logging')
  const now = new Date()

  if (!options.attrs) options.attrs = {}
  if (!options.expires) {
    options.expires = new Date(
      now.getFullYear() + 5, now.getMonth() + 1, now.getDate()
    )
  }

  log.debug('generating key pair')
  const keys = forge.pki.rsa.generateKeyPair(options.bits || 2048)
  log.debug('key pair generated')

  log.debug('generating self-signed certificate')
  const cert = forge.pki.createCertificate()
  cert.publicKey = keys.publicKey
  cert.serialNumber = '01'
  cert.validity.notBefore = now
  cert.validity.notAfter = options.expires

  const attrs = [
    { name: 'commonName', value: options.attrs.commonName || os.hostname() },
    { name: 'countryName', value: options.attrs.countryName || 'US' },
    { name: 'stateOrProvinceName', value: options.attrs.stateName || 'Georgia' },
    { name: 'localityName', value: options.attrs.locality || 'Atlanta' },
    { name: 'organizationName', value: options.attrs.orgName || 'None' },
    { shortName: 'OU', value: options.attrs.shortName || 'example' }
  ]
  cert.setSubject(attrs)
  cert.setIssuer(attrs)

  cert.setExtensions([
    { name: 'basicConstraints', cA: true },
    {
      name: 'keyUsage',
      keyCertSign: true,
      digitalSignature: true,
      nonRepudiation: true,
      keyEncipherment: true,
      dataEncipherment: true
    },
    {
      name: 'extKeyUsage',
      serverAuth: true,
      clientAuth: true,
      codeSigning: true,
      emailProtection: true,
      timeStamping: true
    },
    {
      name: 'nsCertType',
      client: true,
      server: true,
      email: true,
      objsign: true,
      sslCA: true,
      emailCA: true,
      objCA: true
    },
    { name: 'subjectKeyIdentifier' },
    {
      name: 'subjectAltName',
      altNames: [{ type: 6 /* URI */, value: 'DNS: ' + attrs[0].value }].concat((function () {
        const interfaces = os.networkInterfaces()

        // fix citgm: skip invalid ips (aix72-ppc64)
        const ips = Object.values(interfaces).flat()
          .filter(i => !!forge.util.bytesFromIP(i.address))
          .map(i => ({ type: 7 /* IP */, ip: i.address }))

        return ips
      }()))
    }
  ])

  cert.sign(keys.privateKey)
  log.debug('certificate generated')
  return {

Domain

Subdomains

Defined In

Called By

Source

Frequently Asked Questions

What does selfCert() do?
selfCert() is a function in the fastify codebase, defined in test/build-certificate.js.
Where is selfCert() defined?
selfCert() is defined in test/build-certificate.js at line 7.
What calls selfCert()?
selfCert() is called by 1 function(s): buildCertificate.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free