Define certificate creation facilities

[danfuzz]

What is the problem this feature will solve?

Right now, there is a gap in the crypto package in that, while one can parse existing certificates (e.g., new X509Certificate(...)), there's no exposed built-in functionality (that I could find) to create new certificates with specified properties.

This feature will close that gap.

What is the feature you are proposing to solve the problem?

Add new classes and/or methods to node:crypto, so that one can create a signed certificate from its various parts, along with a signing key, CSR, etc.

What alternatives have you considered?

I am currently using the npm package pem for this, which is a thin wrapper around call-outs to the openssl binary (which it assumes is available in the environment).

The npm packagenode-forge seems to have the right functionality and is JS-native, though it is unclear how well-maintained it is.

[mcollina]

I think this would be a great addition to Node.js to simplify the adoption of https even on developer machines.

[github-actions]

There has been no activity on this feature request for 5 months. To help maintain relevant open issues, please add the never-stale Mark issue so that it is never considered stale label or close this issue if it should be closed. If not, the issue will be automatically closed 6 months after the last non-automated comment.
For more information on how the project manages feature requests, please consult the feature request management document.