Skip to content
This repository was archived by the owner on Feb 16, 2023. It is now read-only.

Releases: passcod/certainly

v1.8.0: source included

Choose a tag to compare

@passcod passcod released this 16 Sep 11:16
  • Adds a --source flag that prints out the tool’s own source files.

KNOWN ISSUE: does not produce working CA-issued certificates. Use 1.6.2 for now.

v1.7.0: Faster, smaller, easier to build

Choose a tag to compare

@passcod passcod released this 15 Sep 01:47
  • Remove dependency on OpenSSL
  • Change the inspect output format to:
    • Show more of the subject/issuer names
    • Show the names of certificates in the chain, for remotes
    • Show whether the certificate analysed was local or remote
    • Show an openssl oneliner to get more details
  • Support Ed25519 keys
  • Add an --ecdsa flag for future-proofing

The upside is that certificate generation for elliptical is faster (by
about 20%), binary size is reduced (by about 33%), and less memory is
used (by about %15).

The downside is that build times are slower (by about 30%), and RSA
generation is very slow (several orders of magnitude!)

v1.6.2

Choose a tag to compare

@passcod passcod released this 02 Jul 06:26
  • Set the CA certificate's maxpathlen to zero

v1.6.1

Choose a tag to compare

@passcod passcod released this 02 Jul 06:05
  • Use a different subject and issuer DN
  • Add OU field to DN
  • Allow env overrides for some DN fields

v1.6.0

Choose a tag to compare

@passcod passcod released this 02 Jul 01:00
  • Add --reverse-std to output certificate first, then key

v1.5.0

Choose a tag to compare

@passcod passcod released this 01 Jul 22:48
  • For legacy applications, use --rsa to use 4096-bit RSA keys instead of ECDSA

v1.4.0

Choose a tag to compare

@passcod passcod released this 01 Jul 10:39
  • Certificates can be created with IPv4 and IPv6 names
  • --inspect supports IPv4, v6, Email, and URI names on certs

v1.3.0

Choose a tag to compare

@passcod passcod released this 06 Jun 23:28
  • New --client flag to generate client certificates (#1)

v1.2.2

Choose a tag to compare

@passcod passcod released this 09 Oct 10:43
  • Untrusted remote certificates now display correctly with --inspect url.
  • If a certificate is expired the text will read Expired: date rather than Expires: date.
  • Inspect date formats changed to Y-m-d H:M:S

v1.2.1

Choose a tag to compare

@passcod passcod released this 09 Oct 04:41
1.2.1