2 releases

0.1.1 Jun 7, 2023
0.1.0 Jun 7, 2023

#2637 in Cryptography

Download history 20/week @ 2024-07-19 34/week @ 2024-07-26 19/week @ 2024-08-02 19/week @ 2024-08-09 15/week @ 2024-08-16 8/week @ 2024-08-23 7/week @ 2024-08-30 9/week @ 2024-09-06 10/week @ 2024-09-13 27/week @ 2024-09-20 25/week @ 2024-09-27 27/week @ 2024-10-04 12/week @ 2024-10-11 11/week @ 2024-10-18 8/week @ 2024-10-25 15/week @ 2024-11-01

53 downloads per month

CC-PDDC license

44KB

Pre-built X509 certificates.

This crate provides cryptographic certificates and keys, meant for testing TLS clients and servers.

The certificates are meant to look realistic: they have most of the extensions that real-world certificates have, and try to follow the CAB guidelines as a real CA would.

This crate contains no code or dependencies, just const byte arrays containing pre-generated certificates and private keys.

If you would like to generate your own certificates, please try the x509-test-gen crate. It contains the code that was used to generate the certificates in the x509-test-certs crate. A collection of CA, client and server certificates.

The certificates can be used to test successful client or server validation.

The keys are RSA (2048 bit) and digests are SHA-256.

The server certificate is for a dns name test-server. You may need to spoof dns or instruct your client to use this name.

The client certificate is for an email address test@example.com.

The client and server certificates share the same root certificate.

A collection of CA, intermediate, client and server certificates

The certificates can be used to test successful client or server validation.

The keys are RSA (2048 bit) and digests are SHA-256.

The server certificate is for a dns name test-server. You may need to spoof dns or instruct your client to use this name.

The client certificate is for an email address test@example.com.

The client and server certificates share the same signature chain:

       root
        |
   intermediate
     /      \
  client   server

A client certificate with additional name types.

The certificates can be used to test successful client certificate decoding and authorization.

The keys are RSA (2048 bit) and digests are SHA-256.

The client certificate contains a Subject Alternative Name extension containing three names: a common name, a serial number, and a role.

CA and improperly signed server certificates.

The certificates can be used to test server validation failure.

The keys are RSA (2048 bit) and digests are SHA-256.

The server certificate is for a dns name test-server. You may need to spoof dns or instruct your client to use this name.

No runtime deps