package main import ( "log" "github.com/docker/libtrust" ) func main() { // Generate client key. clientKey, err := libtrust.GenerateECP256PrivateKey() if err != nil { log.Fatal(err) } // Add a comment for the client key. clientKey.AddExtendedField("comment", "TLS Demo Client") // Save the client key, public and private versions. err = libtrust.SaveKey("client_data/private_key.pem", clientKey) if err != nil { log.Fatal(err) } err = libtrust.SavePublicKey("client_data/public_key.pem", clientKey.PublicKey()) if err != nil { log.Fatal(err) } // Generate server key. serverKey, err := libtrust.GenerateECP256PrivateKey() if err != nil { log.Fatal(err) } // Set the list of addresses to use for the server. serverKey.AddExtendedField("hosts", []string{"localhost", "docker.example.com"}) // Save the server key, public and private versions. err = libtrust.SaveKey("server_data/private_key.pem", serverKey) if err != nil { log.Fatal(err) } err = libtrust.SavePublicKey("server_data/public_key.pem", serverKey.PublicKey()) if err != nil { log.Fatal(err) } // Generate Authorized Keys file for server. err = libtrust.AddKeySetFile("server_data/trusted_clients.pem", clientKey.PublicKey()) if err != nil { log.Fatal(err) } // Generate Known Host Keys file for client. err = libtrust.AddKeySetFile("client_data/trusted_hosts.pem", serverKey.PublicKey()) if err != nil { log.Fatal(err) } }