Dead-simple, portable generation of host self-signed x509 cert via temporary root CA.
Purpose
This package provides simple, cross-platform generation of self-signed client and server TLS certs. It is intended for cases where it is infeasible to use a more complete internal CA.
Installation
See the Releases page. Download and extract the binary for your platform.
Usage
Commands below are for OSX/Linux; for Windows use gen-self-signed-cert.exe.
Generate the CA and host certificate for your host (here, myhost.example.com):
to create a plaintext key file
gen-self-signed-cert -host myhost.example.com
to create a password-protected, AES-256 encrypted key file