package certify

  1. Overview
  2. Docs
Utility for signing x509 certificates and creating CSRs.

Install

Dune Dependency

Authors

Maintainers

Sources

certify-0.2.tbz
md5=6d2faab47941a748af34eee056907a87

Description

Tags

org:mirage

Published: 24 Dec 2017

README

About

A very small utility for making self-signed certificates and private keys using ocaml-x509 and ocaml-nocrypto for key generation. Intended as a (non-drop-in) replacement for these uses of the command-line openssl utility.

Install

certify is now available in opam, a free source-based package manager for OCaml. You can install certify via opam with opam install certify.

Outside of opam:

git clone https://github.com/yomimono/ocaml-certify
cd ocaml-certify
ocaml pkg/pkg.ml build

Binaries will be in _build/src, and you can install them wherever you like, or just use them in place.

Running

For help, try selfsign --help, sign --help, or csr --help.

  • selfsign produces a private key and self-signed certificate

  • sign takes a certificate signing request, and a CA (key and certificate), and produces a certificate

  • csr produces a private key and a certificate signing request

Tests

Simple openssl interoperability tests are in tests/test.sh. Additional tests using american fuzzy lop to test the robustness of sign when given arbitrary data as a CSR are automatically run via bun when certify is installed with opam install -t.

Dependencies (9)

  1. cmdliner >= "1.0.0" & < "1.1.0"
  2. ptime
  3. cstruct >= "3.2.0"
  4. x509 >= "0.6.0" & < "0.7.0"
  5. nocrypto >= "0.5.4"
  6. topkg build
  7. ocamlbuild build
  8. ocamlfind build
  9. ocaml >= "4.01.0"

Dev Dependencies (1)

  1. conf-openssl with-test

Used by

None

Conflicts

None

OCaml

Innovation. Community. Security.