mTLS
makeCA() in certs.go saves the wrong ca.key
I think there is a cut-and-paste error here:
```go
caPrivKeyPEM := new(bytes.Buffer)
pem.Encode(caPrivKeyPEM, &pem.Block{
	Type:  "RSA PRIVATE KEY",
	Bytes: x509.MarshalPKCS1PrivateKey(caKey),
})
if err := ioutil.WriteFile(path + "ca.key", caPEM.Bytes(), 0644); err != nil {
	log.Printf("Write the CA certificate file error: %v\n", err)
	return nil, nil, err
}
```
I suspect the caPrivKeyPEM.Bytes() rather than the caPEM.Bytes() should be written to ca.key.
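A check that catches this mix-up, as an added example that is not part of the original post or of the repository's code: it confirms that the bytes destined for ca.key are a private key matching the certificate in ca.crt. The names `checkCAKeyPair`, `constructedCA` and `errCertInKeyFile` are hypothetical, and the CA is a throwaway one constructed in memory.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

var errCertInKeyFile = fmt.Errorf("ca.key holds a CERTIFICATE block, not a private key")

// checkCAKeyPair returns nil only if keyPEM is a private key that matches certPEM.
func checkCAKeyPair(certPEM, keyPEM []byte) error {
	if b, _ := pem.Decode(keyPEM); b != nil && b.Type == "CERTIFICATE" {
		return errCertInKeyFile // the failure described in this issue
	}
	_, err := tls.X509KeyPair(certPEM, keyPEM) // parses both, rejects a mismatched key
	return err
}

// constructedCA builds a throwaway self-signed CA in memory (sample input only).
func constructedCA() (certPEM, keyPEM []byte, err error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed CA"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	certPEM = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	keyPEM = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
	return certPEM, keyPEM, nil
}

func main() {
	certPEM, keyPEM, err := constructedCA()
	if err != nil {
		panic(err)
	}
	fmt.Println("key in ca.key: ", checkCAKeyPair(certPEM, keyPEM))
	fmt.Println("cert in ca.key:", checkCAKeyPair(certPEM, certPEM)) // what the quoted code writes
}
```

Run against the files a CA generator has just written, the same check fails immediately when ca.key is a copy of the certificate, instead of the error surfacing later when the CA key is needed for signing.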
I was wondering the same; maybe it's a copy error. Another one is the string "Write the CA certificate file error" in the makeCert function, which should have been something like "unable to write certificate/key file" since the operations there have nothing to do with CA (other than the signing part).
Sadly, though, the author of this repository passed away back in May due to cardiovascular complications. I'm sure that he would gladly further improve his work if things played out differently for him, but under this reality, I guess for the rest of us who are still trying to set up this damn x509 certificate scheme correctly, we just have to read the code more carefully in the future.