1use rcgen::{CertifiedKey, generate_simple_self_signed};
2use std::error::Error;
3use std::fs::File;
4use std::io::Write;
5use std::path::Path;
6
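/// Writes a PEM certificate and its PEM private key into `cert_dir_path`.
///
/// The directory (and any missing parents) is created first. The certificate
/// goes to `crt.pem` and the private key to `key.pem`; existing files with
/// those names are truncated and overwritten.
///
/// The private key is written unencrypted, so on Unix the key file is opened
/// with mode `0o600` and, because a creation mode is ignored when the file
/// already exists, the mode is also re-applied to the open handle. Without
/// this the key would get umask-derived permissions (commonly world-readable).
/// On non-Unix targets no permission change is made here.
// NOTE(review): on Windows the file presumably inherits the directory's ACL;
// confirm that `cert_dir_path` is not readable by other accounts there.
///
/// # Errors
///
/// Returns the underlying I/O error if the directory cannot be created, either
/// file cannot be opened, the key file's permissions cannot be set, or a write
/// fails.
fn write_certs(
    cert_dir_path: impl AsRef<Path>,
    cert: &[u8],
    key: &[u8],
) -> Result<(), Box<dyn Error>> {
    let cert_dir = cert_dir_path.as_ref();
    std::fs::create_dir_all(cert_dir)?;

    let cert_path = cert_dir.join("crt.pem");
    let key_path = cert_dir.join("key.pem");

    // The certificate is public material; default permissions are fine.
    let mut cert_file = File::create(cert_path)?;

    let mut key_options = std::fs::OpenOptions::new();
    key_options.write(true).create(true).truncate(true);
    #[cfg(unix)]
    {
        use std::os::unix::fs::OpenOptionsExt;
        // Owner read/write only, applied atomically when the file is created.
        key_options.mode(0o600);
    }
    let mut key_file = key_options.open(&key_path)?;
    #[cfg(unix)]
    {
        use std::os::unix::fs::PermissionsExt;
        // A pre-existing key.pem keeps its old mode on open; tighten it before
        // any key bytes are written.
        key_file.set_permissions(std::fs::Permissions::from_mode(0o600))?;
    }

    cert_file.write_all(cert)?;
    key_file.write_all(key)?;

    Ok(())
}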
25
/// Generates a self-signed certificate for `localhost` and stores it on disk.
///
/// A fresh key pair and certificate are produced by
/// `rcgen::generate_simple_self_signed` with `localhost` as the only subject
/// alternative name. Both are PEM-encoded and handed to `write_certs`, which
/// places them in `cert_dir_path`.
///
/// The certificate is self-signed, so no CA vouches for it and clients have to
/// be configured to trust it explicitly. The private key is serialized to PEM
/// as-is (no passphrase is applied here), so the protection of the key on disk
/// depends entirely on how `write_certs` creates the file and on the
/// permissions of `cert_dir_path`.
///
/// # Errors
///
/// Returns the `rcgen` error if certificate generation fails (an error event
/// is logged first), or the error from `write_certs` if the files cannot be
/// written.
pub fn generate_self_signed_localhost_certs(
    cert_dir_path: impl AsRef<Path>,
) -> Result<(), Box<dyn Error>> {
    let san_entries = vec![String::from("localhost")];

    let certified = generate_simple_self_signed(san_entries).map_err(|err| {
        tracing::error!("failed to generate self-signed localhost cert");
        Box::<dyn Error>::from(err)
    })?;
    tracing::info!("generated self-signed localhost cert");

    let CertifiedKey { cert, signing_key } = certified;
    let cert_pem = cert.pem();
    // Unencrypted private key material; it is only passed on to `write_certs`.
    let key_pem = signing_key.serialize_pem();

    write_certs(cert_dir_path, cert_pem.as_bytes(), key_pem.as_bytes())
}