Simple Rust library to generate X.509 certificates.

use rcgen::{generate_simple_self_signed, CertifiedKey};
// Generate a certificate that's valid for "localhost" and "hello.world.example"
let subject_alt_names = vec!["hello.world.example".to_string(),
	"localhost".to_string()];
let CertifiedKey { cert, key_pair } = generate_simple_self_signed(subject_alt_names).unwrap();
println!("{}", cert.pem());
println!("{}", key_pair.serialize_pem());

You can do this:

cargo run
openssl x509 -in certs/cert.pem -text -noout

For debugging, pasting the PEM formatted text to this service is very useful.

You can use rcgen together with the quinn crate. The whole set of commands is:

cargo run
cd ../quinn
cargo run --example server -- --cert ../rcgen/certs/cert.pem --key ../rcgen/certs/key.pem ./
cargo run --example client -- --ca ../rcgen/certs/cert.der https://localhost:4433/README.md

The MSRV policy is to strive for supporting 7-month old Rust versions.

This crate is distributed under the terms of both the MIT license and the Apache License (Version 2.0), at your option.

See LICENSE for details.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.