Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/shubhexists/vanish

A simple config tool to make locally trusted X.509 development certificates for your domains
https://github.com/shubhexists/vanish

certificates command-line developer-tools hardware-support https localhost mkcert operating-system parsing root-ca

Last synced: 19 days ago
JSON representation

A simple config tool to make locally trusted X.509 development certificates for your domains

Host: GitHub
URL: https://github.com/shubhexists/vanish
Owner: shubhexists
License: gpl-3.0
Created: 2024-08-30T00:11:38.000Z (3 months ago)
Default Branch: master
Last Pushed: 2024-09-10T06:05:59.000Z (2 months ago)
Last Synced: 2024-10-14T04:08:36.767Z (about 1 month ago)
Topics: certificates, command-line, developer-tools, hardware-support, https, localhost, mkcert, operating-system, parsing, root-ca
Language: Rust
Homepage: https://crates.io/crates/vanish
Size: 998 KB
Stars: 11
Watchers: 1
Forks: 1
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

Vanish

Fast and simple tool to generate development certificates locally, built in Rust.

Vanish follows the X.509 Standards as mentioned in [RFC 3280](https://www.ietf.org/rfc/rfc3280.txt) ( April 2002 ) to match the PKI Standards.

Vanish also follow the [XDG Base Direcctory Specification](https://specifications.freedesktop.org/basedir-spec/latest/) to store the CA Keys.

```sh
// To generate certificates
$ vanish generate -d localhost -d www.vedanalytics.in

// to generate certificate requests
$ vanish generate -d localhost --req-only
```
## About
Generating certificates locally might be the best option rather that generating it from a registered Authority as you have the control of your private key.

Vanish's CLI built in Rust allows you to generate trusted certificates for your domains which you can use for any domain ( even `localhost` !! ).
Apart from that, many measures have been taken, keeping performance in mind. Vanish -
- Is Cross-platform (macOS, Windows, Linux)
- is a Single binary, hence easy installation
- Built with speed in mind
- Small Binary Size ( Less than 4 MBs on Debian )

## Installation
Currently Vanish is just distributed through [Cargo](https://crates.io/crates/vanish)
but we are working full time to support distribution from other package managers.

### Cargo
```sh
cargo install vanish
```

### Build From Source
```sh
# Install Rust
git clone https://github.com/shubhexists/vanish
cd vanish
cargo build --release
```

## Work In Progress
Although Vanish is now functional, it is to be considered that it is still a new project and hence many planned features are yet to be implemented.
Vanish has implemented -

- [x] - Generate Certificate Requests
- [x] - Generate Certificates and Keys for multiple Domains
- [ ] - Add Trust Store Support for multiple Platforms
- [ ] - Add more encoding Formats ( Currently, only `.pem` is supported.)
- [ ] - Add Support for multiple CA's in the Root Store
- [ ] - Add S/MIME support for emails
- [ ] - Modify Key Size ( Currently it is 2048 bytes ). See, []

These are just the planned ones, It may have many other features. If you have one, file it in the issues !

## Paramenters
The Vanish CLI has many parameters to help you generate certificates without much hassle!
> Note - Order of these commands don't matter. So, you can place them in any order.

Let's have a look at them -

1) `-d` or `--domain` to add a domain to the list
```
vanish generate -d vedanalytics.in -d localhost
```
2) `--no-ca` to force Vanish to use the default CA in the Data Directory. If it could not find a certificate, it will return a error :D
```
vanish generate -d vedanalytics.in -d localhost --no-ca
```
3) `--req-only` to generate a "Certificate Request" rather than a Certificate. You can use this Request to further generate a Certificate.
```
vanish generate -d vedanalytics.in -d localhost --req-only
```
4) `--keyfile` and `--certfile` to provide your own CA certificates. Vanish would then use these certificates to generate your Ceertificate!

> Note: You need to provide both `--keyfile` and `--certfile`. If you provide just one, Vanish will prompt you a error!
```
vanish generate -d vedanalytics.in -d localhost --keyfile ./ca-key.pem --certfile ./ca.pem
```
5) `--csr` to generate certificates from a "Certificate Request" file

> Note - `--csr` flag conflicts with the `--req-only` flag as you can not generate Requests from a Request right? : D
```
vanish generate --csr ./csr.pem
```
6) `-o` or `--output` to specify a output directory.

> Note: The value of `-o` Argument should be a directory and not a file. Vanish automatically generates the filename to store in the specified directory
> If you don't specify a directory, the default directories will be the Current Working Directory.
```
vanish generate --csr ./csr.pem -o ./certificates/
```
7) `-c` for Country, `-cn` for `Common Name`, `-s` for State. However option, it is a good practice to include these things in your certificate.
```
vanish generate -d vedanalytics.in -d localhost --no-ca -c India -s Delhi
```
## NOTE

Thank's for reading. Do drop a star ✨ as it helps to spread the words :D