32 lines
1.4 KiB
Rust
32 lines
1.4 KiB
Rust
use std::fs;
|
|
|
|
use rcgen::{
|
|
BasicConstraints, Certificate, CertificateParams,
|
|
DistinguishedName, DnType, IsCa, KeyPair, PKCS_ECDSA_P256_SHA256,
|
|
};
|
|
|
|
fn main() {
|
|
let key_pair = KeyPair::generate(&PKCS_ECDSA_P256_SHA256).expect("Generate key pair failed");
|
|
let key_pem = key_pair.serialize_pem();
|
|
let mut certificate_params = CertificateParams::default();
|
|
certificate_params.key_pair = Some(key_pair);
|
|
certificate_params.is_ca = IsCa::Ca(BasicConstraints::Constrained(0));
|
|
let mut distinguished_name = DistinguishedName::new();
|
|
distinguished_name.push(DnType::CommonName, "Proxy Inspector Test CA");
|
|
certificate_params.distinguished_name = distinguished_name;
|
|
|
|
let certificate = Certificate::from_params(certificate_params)
|
|
.unwrap_or_else(|e| panic!("Generate cert failed: {}", e));
|
|
let certificate_pem = certificate.serialize_pem_with_signer(&certificate).expect("Sign cert failed");
|
|
println!("CERTIFICATE:\n{}", certificate_pem);
|
|
println!("KEY:\n{}", key_pem);
|
|
|
|
if fs::metadata("cert.pem").is_ok() || fs::metadata("cert.key").is_ok() {
|
|
println!("[ERROR] cert.pem or cert.key exists!");
|
|
return;
|
|
}
|
|
fs::write("cert.pem", certificate_pem).expect("Write cert.pem failed");
|
|
println!("Write cert.pem succeed");
|
|
fs::write("cert.key", key_pem).expect("Write cert.key failed");
|
|
println!("Write cert.key succeed");
|
|
} |