Generate self signed certificates with the selfsigned library and validate those with OpenSSL 1.1

generate-certs.js

const fs = require('fs');
const ursa = require('ursa');
const async = require('async');
const faker = require('faker');
const util = require('util');
const spawn = require('child_process').spawn;

const selfsigned = require('selfsigned');

const total = Array.from(Array(10000).keys());

function validateOpenSSL(path, cb) {
  const ssl = spawn(
    '/usr/local/Cellar/[email protected]/1.1.0g_1/bin/openssl', ['x509', '-noout', '-text', '-in', path]
  );
  ssl.stderr.on('data', function (data) {
    process.stdout.write(data);
  });

  ssl.on('exit', function (code) {
    if (code !== 0) {
      console.log(code);
      process.exit(0);
    }

    cb();
  });
}

async.everyLimit(total, 1, function (index, callback) {
    const path = './cert.pem';

    const keyPair = ursa.generatePrivateKey(2048, 65537);
    const attributes = [{
      name: 'commonName',
      value: faker.internet.userName() + '.something.com'
    }];
    const options = {
      pkcs7: true,
      days: 5000,
      algorithm: 'sha256',
      keyPair: {
        privateKey: keyPair.toPrivatePem().toString(),
        publicKey: keyPair.toPublicPem().toString()
      },
      extensions: [{
        name: 'basicConstraints',
        cA: true,
        critical: true
      }, {
        name: 'subjectKeyIdentifier'
      }, {
        name: 'keyUsage',
        digitalSignature: true,
        keyCertSign: true,
        critical: true
      }]
    };

    const { cert } = selfsigned.generate(attributes, options);

    console.log('Validating ' + index);
    fs.writeFile(path, cert, 'UTF8', err => {
      if (err) {
        return callback(err);
      }

      validateOpenSSL(path, () => {
        callback(null, true);
      });
    });
  },
  function (err, result) {
    console.log('done', err, result);
  }
);