/rcgen

Generate X.509 certificates

Primary LanguageRustOtherNOASSERTION

rcgen

docs crates.io dependency status

Simple Rust library to generate X.509 certificates.

use rcgen::generate_simple_self_signed;
let subject_alt_names = vec!["hello.world.example".to_string(),
	"localhost".to_string()];

let cert = generate_simple_self_signed(subject_alt_names).unwrap();
// The certificate is now valid for localhost and the domain "hello.world.example"
println!("{}", cert.serialize_pem().unwrap());
println!("{}", cert.serialize_private_key_pem());

Trying it out with openssl

You can do this:

cargo run
openssl x509 -in certs/cert.pem -text -noout

For debugging, pasting the PEM formatted text to this service is very useful.

Trying it out with quinn

You can use rcgen together with the quinn crate. The whole set of commands is:

cargo run
cd ../quinn
cargo run --example server -- --cert ../rcgen/certs/cert.pem --key ../rcgen/certs/key.pem ./
cargo run --example client -- --ca ../rcgen/certs/cert.der https://localhost:4433/README.md

MSRV

The MSRV policy is to strive for supporting 7-month old Rust versions.

License

This crate is distributed under the terms of both the MIT license and the Apache License (Version 2.0), at your option.

See LICENSE for details.

License of your contributions

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.