https://github.com/tsaarni/certyaml

Declarative way to create x509 certificates for test environments.
https://github.com/tsaarni/certyaml

certificate certificates go golang pki testing x509

Last synced: 8 months ago
JSON representation

Declarative way to create x509 certificates for test environments.

• Host: GitHub
• URL: https://github.com/tsaarni/certyaml
• Owner: tsaarni
• License: apache-2.0
• Created: 2020-01-07T21:48:02.000Z (almost 6 years ago)
• Default Branch: master
• Last Pushed: 2024-09-10T17:19:30.000Z (about 1 year ago)
• Last Synced: 2024-10-14T16:09:53.253Z (about 1 year ago)
• Topics: certificate, certificates, go, golang, pki, testing, x509
• Language: Go
• Homepage:
• Size: 145 KB
• Stars: 13
• Watchers: 3
• Forks: 1
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# certyaml

Declarative way to create x509 certificates for test environments.

No more storing test certificates and private keys in the repository!

![](https://github.com/tsaarni/certyaml/workflows/unit-tests/badge.svg)

[![Go Reference](https://pkg.go.dev/badge/github.com/tsaarni/certyaml.svg)](https://pkg.go.dev/github.com/tsaarni/certyaml)

## Table of Contents

- [Description](#description)

- [Using certyaml](#using-certyaml)

- [Installing](#installing)

- [YAML Syntax](#yaml-syntax)

- [Go API](#go-api)

## Description

Certyaml is a command line tool and a Go API for issuing certificates.

It is similar to `openssl` or `cfssl` which can also be used for issuing certificates, but certyaml provides simpler way to define complete PKI hierarchies with a compact [YAML syntax](#YAML-syntax) or directly from Go code with a simple API.

Certyaml is targeted for developers who need to set up a private PKI for test environments.

It cannot be used for production environments where publicly trusted certificates are needed.

If you program in other languages, check out following projects:

- [java-certy](https://github.com/tsaarni/java-certy)

- [python-certy](https://github.com/tsaarni/python-certy)

## Using certyaml

```

Usage: certyaml [-d destination] [certs.yaml]

Creates certificates and keys according to manifest file in YAML format.

By default it reads `certs.yaml` as a manifest file and creates files

in current directory.

  -d string

        Short for --destination

  -destination string

        Destination directory where to create the certificates and keys

```

### Installing

**Release builds**

Release builds are available for download in [releases page](https://github.com/tsaarni/certyaml/releases).

**Compiling from source code**

Go compiler is required to build `certyaml` binary

```bash

go install github.com/tsaarni/certyaml/cmd/certyaml@latest

```

The executable will be stored in the go path, by default `~/go/bin/certyaml`.

Alternatively, you can run the tool without installing it:

```bash

go run github.com/tsaarni/certyaml/cmd/certyaml@latest

```

### Using certyaml

Create a YAML manifest file which describes the wanted PKI hierarchy and end-entity certificates

```console

$ cat >certs.yaml <