A simple tool to generate a root certificate authority (CA), intermediate, client, and server certificates for testing purposes.
This tool relies on rcgen to generate x509 certificates.
This tool is not intended for production use. Please use a dedicated certificate infrastructure!
You want to have an easy and fast way to test TLS or even mTLS connections with x509 certificates but your infrastructure lags the processes or ways to get them? Or you have a testing environment that you deploy via ansible and want to create your on certificates to test TLS connections reliably?
This project could be the answer then!
Write your certificate chain configuration once and create all necessary certificates when ever you need new ones!
For detailed information about the CLI run test-certs --help.
It is possible to specific the input file via the command line. The input file can either be parsed as YAML or JSON
test-certs --input ./cert.yaml --out-dir ./certs yaml
You can also pipe in a configuration via stdin:
echo "my-client:\n type: client\n dns_name: my-client.org" | test-certs
This enables you to use heredoc to generate certificates:
cat << EOF | test-certs
my-client:
type: client
dns_name: my-client.org
EOFAn example configuration file on how to create a root certificate that issues an intermediate ca which again issues a server and a client certificate.
step-ca: A complete Public-Key-Infrastructure (PKI) that has a lot of features!- openssl: The good old way to create any certificate you need.