Lib.rs

Cryptography
#certificate #generate #ca #server-client #peer #profiles #name

bin+lib rcssl

A Rust library for generating X.509 certificates with support for CA, server, client and peer certificate profiles

by Ari

9 releases

new 0.1.10 Dec 28, 2024
0.1.9 Dec 28, 2024

#759 in Cryptography

Download history 475/week @ 2024-12-23

475 downloads per month

MIT/Apache

52KB
1K SLoC

Rust 1K SLoC // 0.0% comments JavaScript 182 SLoC // 0.2% comments

Certificate Generator

A Rust library for generating X.509 certificates with support for CA, server, client and peer certificate profiles.

Features

  • Generate CA certificates
  • Generate server/client/peer certificates signed by CA
  • Configurable certificate options including:
    • Common name
    • Subject Alternative Names (SANs)
    • Organization details
    • Validity period
    • Key usage and extended key usage
  • Uses ECDSA P-256 keys with SHA-256
  • PEM format output
  • Filesystem-based certificate storage

Usage

rcssl generate --config ./config.yaml

To see all the options, run rcssl generate --help.

Configuration

The configuration file is a YAML file that defines the certificates to be generated.

See the config.yaml file for an example.

Dependencies

~13–28MB
~531K SLoC