Expand description
Rust X.509 certificate generation utility
This crate provides a way to generate self signed X.509 certificates.
The most simple way of using this crate is by calling the
generate_simple_self_signed
function.
For more customization abilities, we provide the lower level
Certificate::from_params
function.
§Example
extern crate rcgen;
use rcgen::generate_simple_self_signed;
// Generate a certificate that's valid for "localhost" and "hello.world.example"
let subject_alt_names = vec!["hello.world.example".to_string(),
"localhost".to_string()];
let cert = generate_simple_self_signed(subject_alt_names).unwrap();
println!("{}", cert.serialize_pem().unwrap());
println!("{}", cert.serialize_private_key_pem());
Structs§
- A self signed certificate together with signing keys
- Parameters used for certificate generation
- Data for a certificate signing request
- A custom extension of a certificate, as specified in RFC 5280
- Distinguished name used e.g. for the issuer and subject fields of a certificate
- Iterator over
DistinguishedName
entries - A key pair used to sign certificates and CSRs
- The NameConstraints extension (only relevant for CA certificates)
- A public key, extracted from a CSR
- Signature algorithm type
Enums§
- The path length constraint (only relevant for CA certificates)
- CIDR subnet, as per RFC 4632
- The attribute type of a distinguished name entry
- A distinguished name entry
- One of the purposes contained in the extended key usage extension
- General Subtree type.
- Whether the certificate is allowed to sign other certificates
- Method to generate key identifiers from public keys.
- One of the purposes contained in the key usage extension
- The error type of the rcgen crate
- The type of subject alt name
Statics§
- ECDSA signing using the P-256 curves and SHA-256 hashing as per RFC 5758
- ECDSA signing using the P-384 curves and SHA-384 hashing as per RFC 5758
- ED25519 curve signing as per RFC 8410
- RSA signing with PKCS#1 1.5 padding and SHA-256 hashing as per RFC 4055
- RSA signing with PKCS#1 1.5 padding and SHA-256 hashing as per RFC 4055
- RSA signing with PKCS#1 1.5 padding and SHA-512 hashing as per RFC 4055
Traits§
- A private key that is not directly accessible, but can be used to sign messages
Functions§
- Helper to obtain an
OffsetDateTime
from year, month, day values - KISS function to generate a self signed certificate