CertToStore is a multi-platform package that allows you to work with x509 certificates on Linux and the certificate store on Windows.
CertToStore was created to solve some specific problems when working with certificates using Go. Ever wanted to create public/private key pairs using the TPM or create certificate requests using TPM backed keys? Both are possible using CertToStore on Windows.
Native Certificate Store Access without the prompts Certificate storage in CertToStore under Windows is implemented using native Windows API calls. This makes the package efficient and avoids problematic user prompts and interactions.
With CertToStore, you can also lookup and use existing certificates with their private keys through CNG, regardless of how they were issued (TPM or Software backed).
Built-in support for Cryptography API: Next Generation (CNG) CertToStore for Windows was built from the ground up to use Microsoft's Cryptography API: Next Generation (CNG). This grants certificates generated, requested, and stored using CertToStore the ability to use your computer's TPM to store private key material safely.
Compatibile with packages that use x509.Certificate Certificates managed by CertToStore are compatible with other packages that use x509.Certificate. Want to generate certificate requests using the TPM, and send them to your own third-party CA? Have a Go based web server that you want to use with a TPM backed certificate? Sure thing.
We have a public discussion list at [email protected]
This is not an official Google product.