💾 Archived View for rawtext.club › ~sloum › geminilist › 002209.gmi captured on 2020-09-24 at 01:21:44. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Solderpunk solderpunk at posteo.net
Wed Jul 15 18:58:25 BST 2020
- - - - - - - - - - - - - - - - - - -
Ahoy!
My dead simple alternative to using `openssl` and its overwhelmingtorrent of cryptic command line switches to generate self-signedcertificates for use in Geminispace is finally starting to take shapeand is now ready for some test driving:
https://tildegit.org/solderpunk/gemcert
Some example incantations follow.
Want to make certificate to use for your server at example.com? Run:
gemcert -server -domain example.com
and that's it! You'll get, by default, an ECDSA cert valid for anysubdomain of example.com for 5 years. Prefer ED25519 and 2 years ofvalidity? Easy:
gemcert -server -domain example.com -ed25519 -years 2
Want a long-lived certificate you can use as a client cert forAstrobotany, with the username HirokoAi? Easy:
gemcert -client -cn HirokoAi -years 100
You get the idea.
It's still a little rough around the edges in some respects (e.g. theoutput is always saved to cert.pem and key.pem in the pwd), but itshould be usable with some care. Feedback very welcome!
Cheers,Solderpunk