Certificate Generation

What is the recommended method of certificate generation with GmCapsule? I tried out agate first, and that automatically generates self-signed certificates for a specified domain. These can be converted from der to pem format and will work with GmCapsule. Of course just generating a self-signed certificate isn't too hard, but I'm curious what everyone else is doing.

Posted in: s/GmCapsule

☀️ mike

2023-06-23 · 11 months ago

4 Comments ↓

🕹️ skyjake [mod...] · 2023-06-23 at 13:48:

I'm doing it with a little bash script that calls the `openssl` CLI and sets the various alternative names and wildcards. This lets me also reuse the private key if there is need to update the certificate.

🕹️ skyjake [mod...] · 2023-06-23 at 14:04:

I added an issue about this to the tracker:

— /s/GmCapsule-Issues/4

🍵 michaelnordmeyer · 2023-06-23 at 22:10:

There is the gemcert CLI tool by solderpunk, which can easily generate server and client certificates:

— https://tildegit.org/solderpunk/gemcert

☀️ mike [OP] · 2023-06-24 at 17:07:

Thank you both! That script works great and it will be very convenient to have GmCapsule generate its own certificates in the future.