Lib.rs

Cryptographyrcgen
#tls-certificates #certificate #ca #mkcert #private-key

bin+lib rustls-cert-gen

Rust X.509 certificate generator CLI

by Dirkjan Ochtman, est31, Daniel McCarney and 43 contributors

1 unstable release

0.1.0 Mar 29, 2024

#2403 in Cryptography

Download history 584/week @ 2024-08-15 329/week @ 2024-08-22 191/week @ 2024-08-29 213/week @ 2024-09-05 202/week @ 2024-09-12 224/week @ 2024-09-19 307/week @ 2024-09-26 236/week @ 2024-10-03 289/week @ 2024-10-10 272/week @ 2024-10-17 484/week @ 2024-10-24 231/week @ 2024-10-31 293/week @ 2024-11-07 236/week @ 2024-11-14 279/week @ 2024-11-21 122/week @ 2024-11-28

972 downloads per month

MIT/Apache

185KB
4K SLoC

rustls-cert-gen

rustls-cert-gen is a tool to generate TLS certificates. In its current state it will generate a Root CA and an end-entity certificate, along with private keys. The end-entity certificate will be signed by the Root CA.

Usage

Having compiled the binary you can simply pass a path to output generated files.

cargo run -- -o output/dir

In the output directory you will find these files:

  • cert.pem (end-entity's X.509 certificate, signed by root-ca's key)
  • cert.key.pem (end-entity's private key)
  • root-ca.pem (ca's self-signed X.509 certificate)

For a complete list of supported options:

rustls-cert-gen --help

FAQ

What signature schemes are available?

  • pkcs_ecdsa_p256_sha256
  • pkcs_ecdsa_p384_sha384
  • pkcs_ed25519

lib.rs:

This library wraps [rcgen] to provide a simple API to generate TLS certificate-chains. Its primary intent is to ease development of applications that verify chains of trust. It can be used for whatever purpose you may need a TLS certificate-chain.

Dependencies

~8–28MB
~660K SLoC