{"id":13681458,"url":"https://github.com/devilbox/cert-gen","last_synced_at":"2026-03-02T22:02:32.290Z","repository":{"id":40523944,"uuid":"131686995","full_name":"devilbox/cert-gen","owner":"devilbox","description":"Generate CA and self-signed SSL certificates usable in your browser for local development.","archived":false,"fork":false,"pushed_at":"2022-12-18T22:58:54.000Z","size":285,"stargazers_count":94,"open_issues_count":2,"forks_count":33,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-04-20T19:38:41.781Z","etag":null,"topics":["certificate","certificate-authority","certificate-generation","certificates","openssl","self-signed","self-signed-certificate","ssl-cert","ssl-certificate","ssl-certificates"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devilbox.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-01T07:22:51.000Z","updated_at":"2025-03-05T07:06:08.000Z","dependencies_parsed_at":"2022-07-26T02:19:33.794Z","dependency_job_id":null,"html_url":"https://github.com/devilbox/cert-gen","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devilbox%2Fcert-gen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devilbox%2Fcert-gen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devilbox%2Fcert-gen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devilbox%2Fcert-gen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devilbox","download_url":"https://codeload.github.com/devilbox/cert-gen/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253839886,"owners_count":21972389,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificate","certificate-authority","certificate-generation","certificates","openssl","self-signed","self-signed-certificate","ssl-cert","ssl-certificate","ssl-certificates"],"created_at":"2024-08-02T13:01:31.003Z","updated_at":"2026-03-02T22:02:27.245Z","avatar_url":"https://github.com/devilbox.png","language":"Shell","readme":"# cert-gen\n\n![Tag](https://img.shields.io/github/tag/devilbox/cert-gen.svg)\n[![Discord](https://img.shields.io/discord/1051541389256704091?color=8c9eff\u0026label=Discord\u0026logo=discord)](https://discord.gg/2wP3V6kBj4)\n[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT)\n\n[![linting](https://github.com/devilbox/cert-gen/workflows/linting/badge.svg)](https://github.com/devilbox/cert-gen/actions/workflows/linting.yml)\n[![test-linux](https://github.com/devilbox/cert-gen/workflows/test-linux/badge.svg)](https://github.com/devilbox/cert-gen/actions/workflows/test-linux.yml)\n[![test-macos](https://github.com/devilbox/cert-gen/workflows/test-macos/badge.svg)](https://github.com/devilbox/cert-gen/actions/workflows/test-macos.yml)\n[![test-windows](https://github.com/devilbox/cert-gen/workflows/test-windows/badge.svg)](https://github.com/devilbox/cert-gen/actions/workflows/test-windows.yml)\n\nEasily create your own CA and self-signed certificates.\n\nThe generated CA can be imported into Chrome, Firefox or Internet Explorer for local development.\nAll subsequent created certificates will then be valid SSL certificates to each browser.\n\n\u003cimg width=\"200\" style=\"width:200px;\" src=\"img/address-bar.png\" /\u003e\n\n**Table of Contents**\n\n1. [Available Tools](#available-tools)\n 1. [Tools](#tools)\n 2. [Requirements](#requirements)\n 3. [Installation](#installation)\n2. [Create Certificate Authoriy](#create-certificate-authority)\n 1. [Usage: ca-gen](#usage-ca-gen)\n 2. [Execute: ca-gen](#execute-ca-gen)\n 3. [Example: CA](#example-ca)\n3. [Create SSL Certificate](#create-ssl-certificate)\n 1. [Usage: cert-gen](#usage-cert-gen)\n 2. [Execute: cert-gen](#execute-cert-gen)\n 3. [Example: SSL certificate](#example-ssl-certificate)\n4. [Import CA into Chrome](#import-ca-into-chrome)\n5. [License](#license)\n\n----\n\n## Available Tools\n\n#### Tools\n\n| Tools | Description |\n|--------------------------|-------------|\n| [ca-gen](bin/ca-gen) | Creates a certificate authority |\n| [cert-gen](bin/cert-gen) | Creates SSL certificates signed by a certificate authority |\n\n#### Requirements\n\n* `openssl`\n* `bash`\n\n#### Installation\n```bash\n$ sudo make install\n```\n\n\n## Create Certificate Authority\n\n#### Usage: ca-gen\nThe following shows the general usage for `ca-gen`:\n```bash\nUSAGE: ca-gen -n CN [-kdcslouev] \u003ckeyfile\u003e \u003ccrtfile\u003e\n ca-gen --help\n ca-gen --version\n\nRequired arguments\n -n CN Common Name\n\nOptional arguments\n -k int Key size in bits\n -d int Validity in days\n -c C Subject two letter country name (C)\n -s ST Subject state name (ST)\n -l L Subject location (L)\n -o O Subject organization (O)\n -u OU Subject organizational unit (OU)\n -e Email Subject email (emailAddress)\n -v Verbose output\n\nRequired parameter\n \u003ckeyfile\u003e Path to output key file\n \u003ccrtfile\u003e Path to output cert file\n```\n\n#### Execute: ca-gen\nThe following command shows how the CA is generated for the [Devilbox](https://github.com/cytopia/devilbox):\n```bash\n$ ca-gen -v -c DE -s Berlin -l Berlin -o Devilbox -u Devilbox -n devilbox.org \\\n -e ca@devilbox.org devilbox-rootCA.key devilbox-rootCA.crt\n```\n\n#### Example: CA\n```bash\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 43:4a:c5:d2:87:cc:df:bd:f3:85:c7:9c:76:2e:52:d6:06:64:a5:83\n Signature Algorithm: sha256WithRSAEncryption\n Issuer: C = DE, ST = Berlin, L = Berlin, O = Devilbox, OU = Devilbox, CN = devilbox.org, emailAddress = ca@devilbox.org, dnQualifier = \"1R15BhvvsVfYNh+QeB/77jYmCQE=\"\n Validity\n Not Before: Nov 30 20:48:19 2019 GMT\n Not After : Nov 27 20:48:19 2029 GMT\n Subject: C = DE, ST = Berlin, L = Berlin, O = Devilbox, OU = Devilbox, CN = devilbox.org, emailAddress = ca@devilbox.org, dnQualifier = \"1R15BhvvsVfYNh+QeB/77jYmCQE=\"\n Subject Public Key Info:\n Public Key Algorithm: rsaEncryption\n RSA Public-Key: (2048 bit)\n Modulus:\n 00:9a:ec:70:20:32:85:db:a9:cc:b7:87:08:f8:10:\n f8:2f:57:4d:3d:ca:f3:97:1a:b6:a2:20:9f:d8:a3:\n 8b:15:4e:6e:92:5e:28:d6:c7:8b:de:da:9c:98:2f:\n 23:c8:4e:ae:be:58:ec:14:a5:0d:76:4f:2c:bb:e2:\n 22:93:d7:0e:d9:d4:5d:54:25:93:65:11:d7:fd:59:\n 63:95:a5:85:98:da:20:4f:bc:d3:aa:d2:ca:d8:e6:\n 19:de:9e:ca:da:a0:4f:b6:2d:93:6e:81:c0:b9:34:\n 06:25:fd:62:75:83:96:42:12:46:93:53:01:04:17:\n 53:18:e3:81:5e:26:20:3d:85:6d:a4:8b:93:ed:9e:\n 2a:47:21:6e:54:5b:0c:11:de:a5:fd:eb:d6:37:d9:\n b0:49:72:8d:97:68:53:ef:27:69:78:b5:05:75:8a:\n 8c:ad:a5:a1:e4:ab:04:88:42:b4:a4:d7:a8:91:99:\n e3:f5:32:85:55:df:ec:1f:86:83:03:0e:5b:21:16:\n 17:bd:c7:71:7c:a3:8f:4b:e3:8d:ad:cc:0c:d9:6a:\n 93:1e:3a:2c:4f:ee:1e:07:90:d3:46:f4:58:2a:f9:\n d0:41:68:c4:1d:30:2b:ab:3e:f4:4f:55:ba:37:0c:\n 6f:1e:9c:30:d8:81:7e:a1:4e:bc:ae:8a:b2:e7:53:\n a3:ad\n Exponent: 65537 (0x10001)\n X509v3 extensions:\n X509v3 Basic Constraints: critical\n CA:TRUE\n X509v3 Subject Key Identifier:\n D5:1D:79:06:1B:EF:B1:57:D8:36:1F:90:78:1F:FB:EE:36:26:09:01\n X509v3 Key Usage: critical\n Digital Signature, Certificate Sign, CRL Sign\n X509v3 Authority Key Identifier:\n keyid:D5:1D:79:06:1B:EF:B1:57:D8:36:1F:90:78:1F:FB:EE:36:26:09:01\n DirName:/C=DE/ST=Berlin/L=Berlin/O=Devilbox/OU=Devilbox/CN=devilbox.org/emailAddress=ca@devilbox.org/dnQualifier=1R15BhvvsVfYNh+QeB/77jYmCQE=\n serial:43:4A:C5:D2:87:CC:DF:BD:F3:85:C7:9C:76:2E:52:D6:06:64:A5:83\n\n Signature Algorithm: sha256WithRSAEncryption\n 7b:6f:4c:56:ae:ef:76:f2:22:69:92:11:09:dd:67:85:5c:61:\n a7:cb:3a:0b:6e:af:38:e5:72:33:c1:90:ae:31:2d:e6:74:93:\n d3:7d:1e:e0:39:8d:d9:71:4a:bf:04:ba:07:37:99:92:ed:db:\n cc:17:fc:f2:04:de:8b:ae:d1:2c:bc:84:fc:7a:c7:95:0a:4f:\n 44:00:88:11:2f:ce:b0:a8:c2:18:2c:86:5a:26:6d:a5:5e:fd:\n 41:33:52:c1:12:87:26:d2:9b:d4:87:70:58:d0:22:25:f1:47:\n 42:57:ca:68:b7:93:3e:0b:ee:9e:e7:24:36:de:a6:5c:eb:cf:\n cb:a2:db:5d:d0:d4:35:b3:48:18:f2:96:8b:10:60:af:b8:5d:\n 22:ef:19:ed:a7:c9:7e:f5:b9:f8:ca:27:9a:f6:11:bf:b3:36:\n 12:35:99:f0:39:dd:5a:d2:f2:d6:48:b2:bf:59:8c:3d:ea:a2:\n cf:56:7c:84:95:1c:1c:51:36:4c:5c:1a:d3:20:ed:5c:18:f7:\n e5:4a:66:b7:5c:0d:a1:07:a6:d8:7f:4c:5a:b5:c2:fe:3d:d6:\n 49:fb:a6:3d:ed:e3:bc:47:3b:22:43:e8:91:31:dd:cd:9b:c2:\n ad:d8:6b:01:ed:67:0f:c4:c0:c6:07:40:8b:50:a2:69:18:05:\n 3e:3e:85:09\n```\n\n\n## Create SSL Certificate\n\n#### Usage: cert-gen\nThe following shows the general usage for cert-gen:\n```bash\nUSAGE: cert-gen -n CN [-kdcsloueav] \u003cca-key\u003e \u003cca-crt\u003e \u003ckey\u003e \u003ccsr\u003e \u003ccrt\u003e\n cert-gen --help\n cert-gen --version\n\nRequired arguments\n -n CN Common Name\n\nOptional arguments\n -k int Key size in bits\n -d int Validity in days\n -c C Subject two letter country name (C)\n -s ST Subject state name (ST)\n -l L Subject location (L)\n -o O Subject organization (O)\n -u OU Subject organizational unit (OU)\n -e Email Subject email (emailAddress)\n -a names Comma separated list of alt names (subjectAltName)\n -i ips Comma separated list of alt ip addresses (subjectAltName)\n -v Verbose output\n\nRequired parameter\n \u003cca-key\u003e Path to existing CA key file\n \u003cca-crt\u003e Path to existing CA crt file\n \u003ckey\u003e Path to output certificate key file\n \u003ccsr\u003e Path to output certificate csr file\n \u003ccrt\u003e Path to output certificate crt file\n```\n\n#### Execute: cert-gen\nThe following command shows how SSL certificates are generated for the [Devilbox](https://github.com/cytopia/devilbox):\n```bash\n$ cert-gen -v -c DE -s Berlin -l Berlin -o Devilbox -u Devilbox \\\n -n project.loc -e admin@project.loc \\\n -a '*.project.loc,*.www.project.loc' \\\n devilbox-rootCA.key \\\n devilbox-rootCA.crt \\\n project.loc.key \\\n project.loc.csr \\\n project.loc.crt\n```\n\n#### Example: SSL Certificate\n```bash\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:70:c7:1f:31:f2:8c:69:03:5d:6e:5a:d6:5d:44:97:47:e1:b9:58\n Signature Algorithm: sha256WithRSAEncryption\n Issuer: C = DE, ST = Berlin, L = Berlin, O = Devilbox, OU = Devilbox, CN = devilbox.org, emailAddress = ca@devilbox.org, dnQualifier = \"1R15BhvvsVfYNh+QeB/77jYmCQE=\"\n Validity\n Not Before: Nov 30 20:50:11 2019 GMT\n Not After : Mar 4 20:50:11 2022 GMT\n Subject: C = DE, ST = Berlin, L = Berlin, O = Devilbox, OU = Devilbox, CN = project.loc, emailAddress = admin@project.loc\n Subject Public Key Info:\n Public Key Algorithm: rsaEncryption\n RSA Public-Key: (2048 bit)\n Modulus:\n 00:ab:a7:0b:41:cd:5a:00:66:6f:94:15:3b:e5:f1:\n 18:84:38:48:3e:6b:7f:0a:c3:4e:51:58:0b:c9:f5:\n 85:86:ff:61:69:ea:b8:11:5a:b9:9f:97:c5:22:2a:\n d1:f6:91:21:6e:01:ab:46:01:8c:4b:80:ba:74:a7:\n ce:5f:5b:a1:ac:a3:e6:0f:ce:19:1c:ae:68:a3:60:\n f9:f9:82:c1:ea:d3:eb:e5:84:1d:0c:9c:4d:94:82:\n d2:ef:3d:89:ab:0e:15:01:c3:22:8e:cd:7a:49:ae:\n 37:9c:39:9d:40:d1:19:8d:13:3a:a6:36:e4:71:1a:\n 8a:10:b3:ca:b1:b2:a0:a0:e5:5d:ff:39:f9:7b:70:\n 85:01:bd:8f:3b:ce:92:ae:c9:6d:9c:f9:6f:99:5a:\n e9:da:bb:28:95:01:9c:40:92:23:f0:1f:68:a3:a7:\n d5:fc:ac:44:9a:95:63:bd:5b:6e:bd:c2:19:0e:56:\n ab:47:40:57:90:74:d9:25:2e:75:b1:98:b1:82:8e:\n f7:4c:b2:42:fb:a5:3c:71:14:8d:55:da:a3:00:8a:\n 85:ce:45:91:15:8c:35:86:3f:eb:9f:d7:68:15:bf:\n 24:e7:96:49:90:d4:69:71:20:89:c0:c0:c2:cd:63:\n d0:66:38:1e:f6:60:d3:24:64:63:36:c0:19:51:23:\n 23:ad\n Exponent: 65537 (0x10001)\n X509v3 extensions:\n X509v3 Basic Constraints: critical\n CA:FALSE\n X509v3 Subject Key Identifier:\n 64:AE:B5:56:82:FE:E8:92:BF:9C:E0:F4:27:3D:20:79:21:CA:B4:5D\n X509v3 Key Usage: critical\n Digital Signature, Key Encipherment\n X509v3 Authority Key Identifier:\n keyid:D5:1D:79:06:1B:EF:B1:57:D8:36:1F:90:78:1F:FB:EE:36:26:09:01\n DirName:/C=DE/ST=Berlin/L=Berlin/O=Devilbox/OU=Devilbox/CN=devilbox.org/emailAddress=ca@devilbox.org/dnQualifier=1R15BhvvsVfYNh+QeB/77jYmCQE=\n serial:43:4A:C5:D2:87:CC:DF:BD:F3:85:C7:9C:76:2E:52:D6:06:64:A5:83\n\n X509v3 Extended Key Usage:\n TLS Web Server Authentication, TLS Web Client Authentication\n X509v3 Subject Alternative Name:\n DNS:project.loc, DNS:*.project.loc, DNS:*.www.project.loc\n Signature Algorithm: sha256WithRSAEncryption\n 02:73:0d:df:49:da:d0:19:35:c2:fb:1d:99:81:aa:3a:48:51:\n 1e:2e:f4:de:50:73:71:17:0c:6d:83:9e:b1:2c:1d:b5:58:c9:\n db:f0:a9:9c:db:dc:42:29:37:be:5b:59:4a:04:92:3e:da:5f:\n 10:97:ff:6e:d3:23:a1:6a:6f:c9:3f:b5:61:87:6b:a7:e8:ab:\n 72:a2:6e:eb:12:e9:89:71:b8:de:7c:63:62:e0:8e:9a:82:b1:\n ae:96:67:8a:20:63:2b:75:18:1a:04:36:ed:1e:8c:b5:16:d2:\n d4:77:05:5b:54:ee:d8:c4:25:6d:fb:02:2c:dc:e0:dc:2d:37:\n 99:71:66:f8:06:24:ff:69:69:50:b1:10:f2:c5:ff:96:28:75:\n 8a:e3:78:3c:7c:38:a9:1c:20:3e:1f:f5:dc:d3:ec:3b:ae:ac:\n f4:14:45:16:aa:3f:db:eb:ae:b8:1d:0d:4a:76:cb:02:eb:c1:\n 00:e2:42:60:90:18:82:8e:3d:01:6b:1f:78:de:d9:a4:7a:df:\n 71:1e:aa:7e:7b:87:2c:af:ce:47:5d:be:1f:6a:4c:cd:10:67:\n 4e:41:c8:ca:90:fe:ac:2d:a1:92:e5:34:ea:da:ed:d9:9e:2d:\n ac:38:81:7d:13:5b:0f:cd:e8:a7:99:a0:1f:54:29:10:64:19:\n b6:1a:14:ab\n```\n\n\n## Import CA into Chrome\n\n**1. Open Chrome settings - scroll down and click `Advanced`**\n\n\u003cimg width=\"600\" style=\"width:600px;\" src=\"img/01-settings.png\" /\u003e\n\n**2. Find and click on `Manage certificates`**\n\n\u003cimg width=\"600\" style=\"width:600px;\" src=\"img/02-advanced-settings.png\" /\u003e\n\n**3. In the tab, navigate to `AUTHORITIES`**\n\n\u003cimg width=\"600\" style=\"width:600px;\" src=\"img/03-authorities.png\" /\u003e\n\n**4. Select `devilbox-ca.crt` from within the Devilbox git directory**\n\n\u003cimg width=\"600\" style=\"width:600px;\" src=\"img/04-import.png\" /\u003e\n\n**5. Check all boxes**\n\n\u003cimg width=\"600\" style=\"width:600px;\" src=\"img/05-set-trust.png\" /\u003e\n\n\n## License\n\n**[MIT License](LICENSE.md)**\n\nCopyright (c) 2018 [cytopia](https://github.com/cytopia)\n","funding_links":[],"categories":["Shell"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevilbox%2Fcert-gen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevilbox%2Fcert-gen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevilbox%2Fcert-gen/lists"}