The easiest way to create self-signed certificates. Ever.
Handy simple tool for common certificate-related operations.
$ certainly test.example.com test2.example.com foo.local Writing test.example.com.key Writing test.example.com.crt $ certainly --inspect test.example.com.crt Self-signed certificate Created on: Sep 6 01:30:45 2018 GMT Expires on: Sep 3 01:30:45 2028 GMT Domains: - test.example.com - test2.example.com - foo.local $ certainly --inspect twitter.com Certificate signed by DigiCert SHA2 High Assurance Server CA Created on: Jul 17 00:00:00 2018 GMT Expires on: Jul 22 12:00:00 2019 GMT Domains: - twitter.com - www.twitter.com
Binary download (Windows, Linux, macOS)
Binaries are available through GitHub Releases.
cargo install certainly
From package manager
yay -S certainly-bin
Debian, Ubuntu (deb)
Download the deb file from GitHub Releases.
Accepting contributions for more!
--stdwill output both key and certificate to STDOUT instead of writing files.
--double-stdwill output the key to STDERR and the certificate to STDOUT instead, so redirection can be used to write or pipe files where needed efficiently. Take care of checking the key is actually formatted properly and not an error message though!
--inspectoutputs terse information about the passed certificate file (or url) and exits.
--make-cacreates a key/certificate pair suitable for issuing instead. Use with
--ca NAMEsigns a certificate with a CA pair instead of self-signing. Provide only the common filename, without the
See the man page for more.
- mkcert, a tool specifically for local-CA certificate management.