• Stars
    star
    170
  • Rank 223,357 (Top 5 %)
  • Language
    Shell
  • License
    MIT License
  • Created over 9 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Generate self-signed x.509 certificates for use with SSL/TLS

SSLfie

Generate self-signed x.509 certificates for use with SSL/TLS

Benefits at a glance:

  • Supports multiple domain names in one cert with the SubjectAltName field
  • Trivial to automate β€” the only required argument is a domain name
  • Automatically set modern options by default (-sha256, -utf8)
  • Easy to install .deb and .rpm packages

Synopsis

Usage: sslfie [OPTION]... DOMAIN [DOMAIN2]...

Generate a self-signed x.509 certificate for use with SSL/TLS.

Options:
  -o PATH -- output the cert to a file at PATH
  -k PATH -- output the key to a file at PATH
  -K PATH -- sign key at PATH (instead of generating a new one)
  -c CC   -- country code listed in the cert (default: XX)
  -s SIZE -- generate a key of size SIZE (default: 2048)
  -y N    -- expire cert after N years (default: 10)
  -p      -- prompt for cert values
  -r      -- output csr instead of signing a cert

Installation

Ubuntu and Linux Mint

sudo add-apt-repository ppa:mkropat/ppa
sudo apt-get update
sudo apt-get install sslfie

Debian and Friends

Download the .deb package from Latest Releases. Then run:

sudo dpkg -i sslfie*.deb
sudo apt-get install -f	# if there were missing dependencies

CentOS and Friends

Download the .rpm package from Latest Releases. Then run:

sudo yum localinstall sslfie*.noarch.rpm

Standalone Script

Installation isn't required. The sslfie script is entirely self-contained, so you can just download it:

curl -O https://raw.githubusercontent.com/mkropat/sslfie/master/sslfie
chmod +x sslfie

Then run it like so:

./sslfie www.example.com example.com

Example Usage

Generate a cert for www.example.com:

$ sslfie -c US -o example.crt -k example.key www.example.com example.com

That's it. You can use openssl to examine the generated certificate:

$ openssl x509 -in example.crt -noout -text | less

Some key lines to look for are:

Subject: C=US, CN=www.example.com

And:

X509v3 Subject Alternative Name:
    DNS:www.example.com, DNS:example.com

Generate a Certificate Signing Request (CSR)

Did you know that the steps for creating a self-signed certificate with openssl are almost identical to the steps for creating a certificate signing request? I didn't when I named it sslfie, go figure.

If you want to get a real (that is, not self-signed) certificate, sslfie can help you with that too:

$ sslfie -r -p -o example.csr -k example.key www.example.com example.com

The -r option causes -o to output a CSR instead of a cert. Also notice we're using the -p option, which presents a text UI for inputting the full distinguished name, if you want. Important caveat for using -p: you must use -o and -k to capture the output, because using shell redirection breaks the text UI.

To examine the generated CSR:

$ openssl req -in example.crt -noout -text | less

Inspiration

More Repositories

1

jumpapp

A run-or-raise application switcher for any X11 desktop
Shell
637
star
2

dapper-invoice

A billable-time invoice featuring style over substance
TeX
197
star
3

sh-realpath

A portable, pure shell implementation of realpath
Shell
91
star
4

MlkPwgen

Secure random password generator for .NET and PowerShell
C#
60
star
5

WebSocketDemo

C#
51
star
6

TidyDesktopMonster

Prevent shortcuts from cluttering your desktop ever again
C#
22
star
7

vim-tt

Task timer for Vim
Vim Script
17
star
8

vim-dwiw2015

Minimalist Vim distribution
PowerShell
14
star
9

standalone-dovecot-imap

Keep a local IMAP mirror, painlessly
Shell
13
star
10

vim-uniformity

Safely make whitespace across your project consistent
Vim Script
12
star
11

.NET-Snippets

Miscellaneous code for the .NET framework.
C#
10
star
12

secure-random-password

Generate passwords using a cryptographically-strong source of randomness
JavaScript
10
star
13

vim-ezguifont

Set and adjust the font in a cross-platform way. Supports gVim and all the Neovim GUIs.
Vim Script
8
star
14

is-shell-portable

Shell
8
star
15

BetterWin32Errors

A better interface to the constants defined in winerror.h
C#
6
star
16

jekyll-pages

Self-host your GitHub Pages website.
Shell
4
star
17

luks-mount

Teach mount(8) to open LUKS containers directly
Shell
3
star
18

jumpapp-win32

Jump to another application. Always. (Windows Version)
C#
2
star
19

focus-history

JavaScript
1
star
20

presentation-db-versioning

DB Versioning: it doesn't have to be hard
HTML
1
star
21

presentation-codemash-2018

JavaScript
1
star
22

morris9

TypeScript
1
star
23

barrier

Barrier synchronization implementation for general scripting.
JavaScript
1
star
24

mlk-dlnt

1
star
25

base64urldecoder

JavaScript
1
star
26

AsyncContextFlowStudy

C#
1
star
27

dotfiles

Shell
1
star
28

MlkFileHasher

Simple, stand-alone file hashing utility for Windows
C#
1
star
29

download-integrity-service

Shell
1
star
30

scratch

1
star
31

transit-hackathon

1
star
32

self-decrypt

JavaScript
1
star
33

ShortcutFile

C#
1
star
34

PSSnippets

PowerShell
1
star
35

PowershellAstWriter

C#
1
star
36

form-rel-noopener

HTML
1
star
37

OnScreenGamepad

work in progress
C++
1
star
38

presentation-push-architecture

HTML
1
star
39

VSPerformanceTracker

Visual Studio extension for optimizing development time
C#
1
star
40

phonehome

JavaScript
1
star
41

GetPodcastLink

C#
1
star
42

vim-jumpthere

Lightweight project switcher
Vim Script
1
star
43

test-kitchen-hyperv-poc

Test Kitchen With Hyper-V Proof of Concept
1
star
44

StoryLine

Startup Weekend Blacksburg 2014
JavaScript
1
star
45

mkropat.github.io

SCSS
1
star
46

password-site

JavaScript
1
star
47

WebDeployPackagePoc

JavaScript
1
star
48

vim-gautosession

Vim Script
1
star
49

WindsorTransitiveDependencyOverrideMWE

C#
1
star
50

kappa

messin around
JavaScript
1
star
51

MlkDiskWiper

Smalltalk
1
star
52

presentation-js-strict-mode

They why and how of JS strict mode
HTML
1
star
53

win32-disk-studies

Various examples of how to use the Win32 API and what kind of information you can pull from them
C++
1
star
54

RouteHandlerHttpModule

Find out what ASP.NET MVC controller or Web Forms page handled a given route
C#
1
star
55

RackspaceCloudOfficeApiClient

C#/.NET client library for the Rackspace Cloud Office API
1
star
56

hestrx

Hex editor plugin for Vim
Python
1
star
57

jekyll-theme-antisocial

Drop-in replacement for Minima featuring Medium-inspired typography
HTML
1
star
58

presentation-whats-a-dynamic

HTML
1
star
59

ClientSideFormsAuthPoc

C#
1
star
60

presentation-chef-workshop

HTML
1
star
61

New-PersistentWorld

PowerShell
1
star
62

bloggit

Go
1
star
63

social-media-sandbox-audit

JavaScript
1
star
64

fetch-redirect-study

HTML
1
star
65

Invoke-RsCloudOfficeRequest

PowerShell client for the Rackspace Cloud Office API
1
star