2 releases
0.1.1 | Jun 7, 2023 |
---|---|
0.1.0 | Jun 7, 2023 |
#2637 in Cryptography
53 downloads per month
44KB
Pre-built X509 certificates.
This crate provides cryptographic certificates and keys, meant for testing TLS clients and servers.
The certificates are meant to look realistic: they have most of the extensions that real-world certificates have, and try to follow the CAB guidelines as a real CA would.
This crate contains no code or dependencies, just const
byte arrays containing
pre-generated certificates and private keys.
If you would like to generate your own certificates, please try the x509-test-gen
crate. It contains the code that was used to generate the certificates in the
x509-test-certs
crate.
A collection of CA, client and server certificates.
The certificates can be used to test successful client or server validation.
The keys are RSA (2048 bit) and digests are SHA-256.
The server certificate is for a dns name test-server
. You may need
to spoof dns or instruct your client to use this name.
The client certificate is for an email address test@example.com
.
The client and server certificates share the same root certificate.
A collection of CA, intermediate, client and server certificates
The certificates can be used to test successful client or server validation.
The keys are RSA (2048 bit) and digests are SHA-256.
The server certificate is for a dns name test-server
. You may need
to spoof dns or instruct your client to use this name.
The client certificate is for an email address test@example.com
.
The client and server certificates share the same signature chain:
root
|
intermediate
/ \
client server
A client certificate with additional name types.
The certificates can be used to test successful client certificate decoding and authorization.
The keys are RSA (2048 bit) and digests are SHA-256.
The client certificate contains a Subject Alternative Name extension containing three names: a common name, a serial number, and a role.
CA and improperly signed server certificates.
The certificates can be used to test server validation failure.
The keys are RSA (2048 bit) and digests are SHA-256.
The server certificate is for a dns name test-server
. You may need
to spoof dns or instruct your client to use this name.