mkropat / Sslfie
Licence: mit
Generate self-signed x.509 certificates for use with SSL/TLS
Stars: ✭ 169
Programming Languages
shell
77523 projects
Labels
Projects that are alternatives of or similar to Sslfie
Cert
Cert is the Go tool to get TLS certificate information.
Stars: ✭ 166 (-1.78%)
Mutual labels: ssl, certificate
Ssl Checker
Python script that collects SSL/TLS information from hosts
Stars: ✭ 94 (-44.38%)
Mutual labels: ssl, certificate
Nico
A HTTP2 web server for reverse proxy and single page application, automatically apply for ssl certificate, Zero-Configuration.
Stars: ✭ 43 (-74.56%)
Mutual labels: ssl, certificate
Ssl Certificate
A class to validate SSL certificates
Stars: ✭ 522 (+208.88%)
Mutual labels: ssl, certificate
Certstrap
Tools to bootstrap CAs, certificate requests, and signed certificates.
Stars: ✭ 1,689 (+899.41%)
Mutual labels: ssl, certificate
Certigo
A utility to examine and validate certificates in a variety of formats
Stars: ✭ 662 (+291.72%)
Mutual labels: ssl, certificate
Ssl Proxy
🔒 Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
Stars: ✭ 427 (+152.66%)
Mutual labels: ssl, certificate
Https Localhost
HTTPS server running on localhost
Stars: ✭ 122 (-27.81%)
Mutual labels: ssl, certificate
Pem
Create private keys and certificates with node.js
Stars: ✭ 496 (+193.49%)
Mutual labels: ssl, certificate
Acmetool
🔒 acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
Stars: ✭ 1,882 (+1013.61%)
Mutual labels: ssl, certificate
Ansible Role Certbot
Ansible Role - Certbot (for Let's Encrypt)
Stars: ✭ 477 (+182.25%)
Mutual labels: ssl, certificate
Telegraph
Secure Web Server for iOS, tvOS and macOS
Stars: ✭ 474 (+180.47%)
Mutual labels: ssl, certificate
O Saft
O-Saft - OWASP SSL advanced forensic tool
Stars: ✭ 306 (+81.07%)
Mutual labels: ssl, certificate
Ssl
Self-signed Wildcard SSL Certificate Generator
Stars: ✭ 336 (+98.82%)
Mutual labels: ssl, certificate
Pki
The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
Stars: ✭ 97 (-42.6%)
Mutual labels: ssl, certificate
Aspnetcorecertificates
Certificate Manager in .NET Core for creating and using X509 certificates
Stars: ✭ 135 (-20.12%)
Mutual labels: ssl, certificate
SSLfie
Generate self-signed x.509 certificates for use with SSL/TLS
Benefits at a glance:
- Supports multiple domain names in one cert with the SubjectAltName field
- Trivial to automate — the only required argument is a domain name
- Automatically set modern options by default (
-sha256,-utf8) - Easy to install
.deband.rpmpackages
Synopsis
Usage: sslfie [OPTION]... DOMAIN [DOMAIN2]...
Generate a self-signed x.509 certificate for use with SSL/TLS.
Options:
-o PATH -- output the cert to a file at PATH
-k PATH -- output the key to a file at PATH
-K PATH -- sign key at PATH (instead of generating a new one)
-c CC -- country code listed in the cert (default: XX)
-s SIZE -- generate a key of size SIZE (default: 2048)
-y N -- expire cert after N years (default: 10)
-p -- prompt for cert values
-r -- output csr instead of signing a cert
Installation
Ubuntu and Linux Mint
sudo add-apt-repository ppa:mkropat/ppa
sudo apt-get update
sudo apt-get install sslfie
Debian and Friends
Download the .deb package from Latest Releases. Then run:
sudo dpkg -i sslfie*.deb
sudo apt-get install -f # if there were missing dependencies
CentOS and Friends
Download the .rpm package from Latest Releases. Then run:
sudo yum localinstall sslfie*.noarch.rpm
Standalone Script
Installation isn't required. The sslfie script is entirely self-contained,
so you can just download it:
curl -O https://raw.githubusercontent.com/mkropat/sslfie/master/sslfie
chmod +x sslfie
Then run it like so:
./sslfie www.example.com example.com
Example Usage
Generate a cert for www.example.com:
$ sslfie -c US -o example.crt -k example.key www.example.com example.com
That's it. You can use openssl to examine the generated certificate:
$ openssl x509 -in example.crt -noout -text | less
Some key lines to look for are:
Subject: C=US, CN=www.example.com
And:
X509v3 Subject Alternative Name:
DNS:www.example.com, DNS:example.com
Generate a Certificate Signing Request (CSR)
Did you know that the steps for creating a self-signed certificate with
openssl are almost identical to the steps for creating a certificate signing
request? I didn't when I named it sslfie, go figure.
If you want to get a real (that is, not self-signed) certificate, sslfie can
help you with that too:
$ sslfie -r -p -o example.csr -k example.key www.example.com example.com
The -r option causes -o to output a CSR instead of a cert. Also notice
we're using the -p option, which presents a text UI for inputting the full
distinguished
name,
if you want. Important caveat for using -p: you must use -o and -k to
capture the output, because using shell redirection breaks the text UI.
To examine the generated CSR:
$ openssl req -in example.crt -noout -text | less
Inspiration
-
Certify — earlier command that functions very similarly
- (I wrote
sslfiefrom scratch because I needed something that could be automated)
- (I wrote
- Creating certificates with SANs using OpenSSL — example config file
- How to generate self-signed cert by jww — good howto post
-
SSL howto by Tommy M. McGuire — example of using environment variables in
opensslconfig
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].