CAUtilLib/BouncyCastleWrapper.cs

@@ -51,7 +51,8 @@ namespace CAUtilLib
             AsymmetricCipherKeyPair issuerKey,
             AsymmetricKeyParameter subjectPublic,
             BigInteger? issuerSerialNumber = null,
-            List<AddExtensionData> extensionDatas = null)
+            List<AddExtensionData> extensionDatas = null,
+            int days = 36500)
         {
             var selfserilaNumber = BigInteger.ProbablePrime(120, secureRandom);
             if (issuerSerialNumber is null)
@@ -71,7 +72,7 @@ namespace CAUtilLib
             certGenerator.SetIssuerDN(issuer);
             certGenerator.SetSubjectDN(subject);
             certGenerator.SetSerialNumber(selfserilaNumber);
-            certGenerator.SetNotAfter(DateTime.UtcNow.AddYears(100));
+            certGenerator.SetNotAfter(DateTime.UtcNow.AddDays(days));
             certGenerator.SetNotBefore(DateTime.UtcNow);
             certGenerator.SetPublicKey(subjectPublic);
 
@@ -166,7 +167,8 @@ namespace CAUtilLib
 
         public static X509Certificate GenerateSelfSignedRootCertificate(
             X509Name subject,
-            AsymmetricCipherKeyPair kp
+            AsymmetricCipherKeyPair kp,
+            int days = 36500
             )
         {
             List<AddExtensionData> datas = new List<AddExtensionData>() { 
@@ -182,7 +184,7 @@ namespace CAUtilLib
                     ExtensionValue = new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyCertSign | KeyUsage.CrlSign)
                 }
             };
-            return GenerateCertificate(subject, subject, kp, kp.Public, extensionDatas: datas);
+            return GenerateCertificate(subject, subject, kp, kp.Public, extensionDatas: datas, days: days);
         }
 
         public static X509Certificate GenerateIntermediateCertificate(

CertificateAutorityServer/Model/Config/CerServiceConfig.cs

@@ -10,8 +10,8 @@
     {
         public string Name { get; set; } = "rca";
         public int Days { get; set; } = 36500;
-        public string CommonName { get; set; } = "localhost";
-        public string OrganiaztionName { get; set; } = "zerovatech";
+        public string CommonName { get; set; } = "ZerovaRCA";
+        public string OrganiaztionName { get; set; } = "ZEROVA TECHNOLOGY CO. LTD.";
         public string Country { get; set; } = "TW";
         public string State { get; set; } = "Taipei";
     }

CertificateAutorityServer/Program.cs

@@ -1,8 +1,12 @@
+using CertificateAutorityServer.Model.Config;
 using CertificateAutorityServer.Service;
+using Microsoft.Extensions.DependencyInjection;
 
 WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
+//builder.Services.AddOptions();
+builder.Services.Configure<CerServiceConfig>(builder.Configuration.GetSection("CerServiceConfig"));
 builder.Services.AddSingleton<CertificateService>();
 
 builder.Services.AddControllers();

CertificateAutorityServer/Service/CertificateService.cs

@@ -47,16 +47,24 @@ namespace CertificateAutorityServer.Service
             {
                 AsymmetricCipherKeyPair kp = BouncyCastleWrapper.GenerateRsaKeyPair(4096);
                 var saveKeyResult = BouncyCastleWrapper.TrySaveAsPemAsync(RcaKeyPath, new object[] { kp.Private }).Result;
-                var subject = BouncyCastleWrapper.CreateX509Name(commonName: "Zerova");
-                X509Certificate cert = BouncyCastleWrapper.GenerateSelfSignedRootCertificate(subject, kp);
+                var subject = BouncyCastleWrapper.CreateX509Name(
+                    commonName: config.DefaultRcaConfig.CommonName,
+                    organizationName: config.DefaultRcaConfig.OrganiaztionName,
+                    country: config.DefaultRcaConfig.Country,
+                    state: config.DefaultRcaConfig.State);
+                X509Certificate cert = BouncyCastleWrapper.GenerateSelfSignedRootCertificate(subject, kp, days: config.DefaultRcaConfig.Days);
                 var saveCertResult = BouncyCastleWrapper.TrySaveAsPemAsync(RcaCertPath, new object[] { cert, kp.Private }).Result;
                 return;
             }
             if (!File.Exists(RcaCertPath))
             {
                 var kp = BouncyCastleWrapper.LoadPemKeyFromFile(RcaKeyPath).Result;
-                var subject = BouncyCastleWrapper.CreateX509Name(commonName: config.DefaultRcaConfig.CommonName);
-                var cert = BouncyCastleWrapper.GenerateSelfSignedRootCertificate(subject, kp);
+                var subject = BouncyCastleWrapper.CreateX509Name(
+                    commonName: config.DefaultRcaConfig.CommonName,
+                    organizationName: config.DefaultRcaConfig.OrganiaztionName,
+                    country: config.DefaultRcaConfig.Country,
+                    state: config.DefaultRcaConfig.State);
+                var cert = BouncyCastleWrapper.GenerateSelfSignedRootCertificate(subject, kp, days: config.DefaultRcaConfig.Days);
                 var saveCertResult = BouncyCastleWrapper.TrySaveAsPemAsync(RcaCertPath, new object[] { cert, kp.Private }).Result;
             }
         }