mirror of https://github.com/tlsnotary/tlsn.git synced 2026-01-09 13:27:59 -05:00

Files

yuroitaki edc2a1783d refactor(notary): default to ephemeral key, remove config file & fixtures (#818 )

* Add default values, refactor.

* Prepend file paths.

* Remove config and refactor.

* Fix fmt, add missing export.

* Simplify error.

* Use serde to print.

* Update crates/notary/server/src/config.rs

Co-authored-by: dan <themighty1@users.noreply.github.com>

* fixture removal + generate signing key (#819)

* Default to ephemeral key gen, remove fixutres.

* Fix wording.

* Add configuring sig alg, comment fixes.

* Fix sig alg id parsing.

* Refactor pub key to pem.

* Return error, add test.

* Update crates/notary/server/src/signing.rs

Co-authored-by: Hendrik Eeckhaut <hendrik@eeckhaut.org>

---------

Co-authored-by: yuroitaki <>
Co-authored-by: Hendrik Eeckhaut <hendrik@eeckhaut.org>

---------

Co-authored-by: yuroitaki <>
Co-authored-by: dan <themighty1@users.noreply.github.com>
Co-authored-by: Hendrik Eeckhaut <hendrik@eeckhaut.org>

2025-05-16 19:02:20 +08:00

905 B

Raw Blame History

Create a private key for the root CA

openssl genpkey -algorithm RSA -out rootCA.key -pkeyopt rsa_keygen_bits:2048

Create a self-signed root CA certificate (100 years validity)

openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 36525 -out rootCA.crt -subj "/C=US/ST=State/L=City/O=tlsnotary/OU=IT/CN=tlsnotary.org"

Create a private key for the end entity certificate

openssl genpkey -algorithm RSA -out notary.key -pkeyopt rsa_keygen_bits:2048

Create a certificate signing request (CSR) for the end entity certificate

openssl req -new -key notary.key -out notary.csr -subj "/C=US/ST=State/L=City/O=tlsnotary/OU=IT/CN=tlsnotaryserver.io"

Sign the CSR with the root CA to create the end entity certificate (100 years validity)

openssl x509 -req -in notary.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out notary.crt -days 36525 -sha256 -extfile openssl.cnf -extensions v3_req

905 B Raw Blame History