Expand description
Rust X.509 certificate generation utility
This crate provides a way to generate self signed X.509 certificates.
The most simple way of using this crate is by calling the
generate_simple_self_signed
function.
For more customization abilities, we provide the lower level
Certificate::from_params
function.
Example
extern crate rcgen;
use rcgen::generate_simple_self_signed;
// Generate a certificate that's valid for "localhost" and "hello.world.example"
let subject_alt_names = vec!["hello.world.example".to_string(),
"localhost".to_string()];
let cert = generate_simple_self_signed(subject_alt_names).unwrap();
println!("{}", cert.serialize_pem().unwrap());
println!("{}", cert.serialize_private_key_pem());
Structs
A self signed certificate together with signing keys
Parameters used for certificate generation
Data for a certificate signing request
A custom extension of a certificate, as specified in RFC 5280
Distinguished name used e.g. for the issuer and subject fields of a certificate
Iterator over DistinguishedName
entries
A key pair used to sign certificates and CSRs
The NameConstraints extension (only relevant for CA certificates)
A public key, extracted from a CSR
Signature algorithm type
Enums
The path length constraint (only relevant for CA certificates)
CIDR subnet, as per RFC 4632
The attribute type of a distinguished name entry
A distinguished name entry
One of the purposes contained in the extended key usage extension
General Subtree type.
Whether the certificate is allowed to sign other certificates
Method to generate key identifiers from public keys.
One of the purposes contained in the key usage extension
The error type of the rcgen crate
The type of subject alt name
Statics
ECDSA signing using the P-256 curves and SHA-256 hashing as per RFC 5758
ECDSA signing using the P-384 curves and SHA-384 hashing as per RFC 5758
ED25519 curve signing as per RFC 8410
RSA signing with PKCS#1 1.5 padding and SHA-256 hashing as per RFC 4055
RSA signing with PKCS#1 1.5 padding and SHA-256 hashing as per RFC 4055
RSA signing with PKCS#1 1.5 padding and SHA-512 hashing as per RFC 4055
Traits
A private key that is not directly accessible, but can be used to sign messages
Functions
Helper to obtain an OffsetDateTime
from year, month, day values
KISS function to generate a self signed certificate