💾 Archived View for bbs.geminispace.org › s › GmCapsule › 2360 captured on 2023-11-14 at 08:51:13. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-11-04)
-=-=-=-=-=-=-
What is the recommended method of certificate generation with GmCapsule? I tried out agate first, and that automatically generates self-signed certificates for a specified domain. These can be converted from der to pem format and will work with GmCapsule. Of course just generating a self-signed certificate isn't too hard, but I'm curious what everyone else is doing.
Jun 23 · 5 months ago
I'm doing it with a little bash script that calls the `openssl` CLI and sets the various alternative names and wildcards. This lets me also reuse the private key if there is need to update the certificate.
I added an issue about this to the tracker:
🍵 michaelnordmeyer · Jun 23 at 22:10:
There is the gemcert CLI tool by solderpunk, which can easily generate server and client certificates:
— https://tildegit.org/solderpunk/gemcert
Thank you both! That script works great and it will be very convenient to have GmCapsule generate its own certificates in the future.