Simple Rust library to generate X.509 certificates.
extern crate rcgen;
use rcgen::generate_simple_self_signed;
let subject_alt_names = vec!["hello.world.example".to_string(),
"localhost".to_string()];
let cert = generate_simple_self_signed(subject_alt_names).unwrap();
// The certificate is now valid for localhost and the domain "hello.world.example"
println!("{}", cert.serialize_pem().unwrap());
println!("{}", cert.serialize_private_key_pem().unwrap());You can do this:
cargo run
openssl x509 -in certs/cert.pem -text -noout
For debugging, pasting the PEM formatted text to this service is very useful.
You can use rcgen together with the quinn crate. The whole set of commands is:
cargo run
cd ../quinn
cargo run --example server -- --cert ../rcgen/certs/cert.pem --key ../rcgen/certs/key.pem ./
cargo run --example client -- --ca ../rcgen/certs/cert.der https://localhost:4433/README.md
The currently latest stable Rust release is the minimum Rust
version that this crate supports. Having a policy reaching
further back would make no sense because this crate
depends on ring which has this same policy.
This crate is distributed under the terms of both the MIT license and the Apache License (Version 2.0), at your option.
See LICENSE for details.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.