certainly
| Crates.io | certainly |
| lib.rs | certainly |
| version | 1.8.0 |
| source | src |
| created_at | 2018-09-05 11:08:36.822155 |
| updated_at | 2019-09-16 11:16:19.348072 |
| description | The easiest way to create self-signed certificates. Ever. |
| homepage | https://github.com/passcod/certainly |
| repository | https://github.com/passcod/certainly |
| max_upload_size | |
| id | 83043 |
| size | 96,423 |
Félix Saparelli (passcod)
documentation
README
certainly
Handy simple tool for common certificate-related operations.
$ certainly test.example.com test2.example.com foo.local 10.0.200.36
Writing test.example.com.key
Writing test.example.com.crt
$ certainly --inspect test.example.com.crt
[Local] C=ZZ, O=Certainly, OU=test.example.com from kaydel-ko, CN=test.example.com
Issuer: C=ZZ, O=Certainly, OU=test.example.com from kaydel-ko, CN=test.example.com
Created on: Sun Sep 15 01:30:14 2019
Expires on: Sun Sep 15 01:30:14 2029
Domains:
DNS: test.example.com
DNS: test2.example.com
DNS: foo.local
IPV4: 10.0.200.36
To see more: $ openssl x509 -text -in test.example.com.crt
$ certainly --inspect twitter.com
[Remote] C=US, ST=California, L=San Francisco, O=Twitter, Inc., OU=syd2, CN=twitter.com
Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Chain:
Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
Created on: Sun May 13 00:00:00 2019
Expires on: Sun May 10 12:00:00 2020
Domains:
DNS: twitter.com
DNS: www.twitter.com
To see more: $ echo Q | openssl s_client twitter.com:443
Install
Binary download (Windows, Linux, macOS)
Binaries are available through GitHub Releases.
From source
With Cargo: cargo install certainly
From package manager
Arch Linux (AUR)
yay -S certainly-bin
Debian, Ubuntu (deb)
Download the deb file from GitHub Releases.
Others
Accepting contributions for more!
Options
-
--stdand--reverse-stdwill output both key and certificate to STDOUT instead of writing files. -
--double-stdwill output the key to STDERR and the certificate to STDOUT instead, so redirection can be used to write or pipe files where needed efficiently. Take care of checking the key is actually formatted properly and not an error message though! -
--inspectoutputs terse information about the passed certificate file (or url) and exits. -
--make-cacreates a key/certificate pair suitable for issuing instead. Use with--ca. -
--ca NAMEsigns a certificate with a CA pair instead of self-signing. Provide only the common filename, without the.crtand.keyextensions. -
--clientcreates client certificates rather than server ones. -
--ecdsacreates p256r1 ECDSA certificates (default). -
--ed25519creates ED25519 certificates. -
--rsacreates 4096-bit RSA certificates (not for production use).
See the man page for more.
See also
-
mkcert, a tool specifically for local-CA certificate management.
Etc
- Copyright © Félix Saparelli.
- Licensed under the Artistic License 2.0.