Lib.rs

Cryptography
#certificate #generate #ca #server-client #peer #profiles #key

bin+lib rcssl

A Rust library for generating X.509 certificates with support for CA, server, client and peer certificate profiles

by Ari

11 releases

0.2.1 Jan 9, 2025
0.2.0 Jan 9, 2025
0.1.10 Dec 28, 2024

#799 in Cryptography

Download history 261/week @ 2024-12-18 214/week @ 2024-12-25 234/week @ 2025-01-08

475 downloads per month

MIT/Apache

67KB
1.5K SLoC

Rust 1.5K SLoC // 0.0% comments JavaScript 182 SLoC // 0.2% comments

Certificate Generator

A Rust library for generating X.509 certificates with support for CA, server, client and peer certificate profiles.

Features

  • Generate CA certificates
  • Generate server/client/peer certificates signed by CA
  • Configurable certificate options including:
    • Common name
    • Subject Alternative Names (SANs)
    • Organization details
    • Validity period
    • Key usage and extended key usage
  • Uses ECDSA P-256 keys with SHA-256
  • PEM format output
  • Filesystem-based certificate storage

Usage

rcssl generate --config ./config.yaml

To see all the options, run rcssl generate --help.

Configuration

The configuration file is a YAML file that defines the certificates to be generated.

See the config.yaml file for an example.

Dependencies

~20–36MB
~666K SLoC