[ANN] Announcing gemcert, a simple certificate generator

Solderpunk solderpunk at posteo.net
Wed Jul 15 18:58:25 BST 2020

Previous message (by thread): Amfora and Bombadillo now at the ssh kiosk!
Next message (by thread): [ANN] Announcing gemcert, a simple certificate generator
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ahoy!

My dead simple alternative to using `openssl` and its overwhelming
torrent of cryptic command line switches to generate self-signed
certificates for use in Geminispace is finally starting to take shape
and is now ready for some test driving:

https://tildegit.org/solderpunk/gemcert

Some example incantations follow.

Want to make certificate to use for your server at example.com?  Run:

gemcert -server -domain example.com

and that's it!  You'll get, by default, an ECDSA cert valid for any
subdomain of example.com for 5 years.  Prefer ED25519 and 2 years of
validity?  Easy:

gemcert -server -domain example.com -ed25519 -years 2

Want a long-lived certificate you can use as a client cert for
Astrobotany, with the username HirokoAi?  Easy:

gemcert -client -cn HirokoAi -years 100

You get the idea.

It's still a little rough around the edges in some respects (e.g. the
output is always saved to cert.pem and key.pem in the pwd), but it
should be usable with some care.  Feedback very welcome!

Cheers,
Solderpunk

Previous message (by thread): Amfora and Bombadillo now at the ssh kiosk!
Next message (by thread): [ANN] Announcing gemcert, a simple certificate generator
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list