diff options
| author | Grégoire Duchêne <gduchene@awhk.org> | 2019-08-27 22:29:00 +0100 |
|---|---|---|
| committer | Grégoire Duchêne <gduchene@awhk.org> | 2019-08-27 22:29:00 +0100 |
| commit | 233f46f442fb56dadf1208488d3f83dc2851457d (patch) | |
| tree | ebcc8a7bf1fa13866a14f13663e10a0cd8803f96 /README.md | |
| parent | 5f2cf196c41ab33d7b46b86e61b1e2464ae28dc6 (diff) | |
First version
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..0bb50f8 --- /dev/null +++ b/README.md @@ -0,0 +1,30 @@ +# gencert + +A thing that generates certificates. Since https://letsencrypt.org/ is +also a thing, you should probably use that instead. Still, gencert can +be useful to do PKI on things that only live on your LAN. + +## Examples + +```shell +# Generate a self-signed certificate. +# This generates ~/out/my-ca.crt and ~/out/my-ca.key. +$ gencert \ + -c US \ + -o example.com \ + -cn 'My CA' \ + -d $((100 * 24))h \ + -out ~/out/my-ca + +# Generate a normal certificate. +# This reads ~/out/my-ca.crt and ~/out/my-ca.key, and generates +# ~/out/my-site.crt and ~/my-site.key. +$ gencert \ + -ca ~/out/my-ca \ + -c US \ + -o example.com \ + -cn 'My Server' \ + -d $((10 * 24))h \ + -dns www.example.com \ + -out ~/out/my-site +``` |