DEPRECATED — You should use step instead. // 🎓 Handy simple tool for common certificate-related operations.
--source
flag that prints out the tool’s own source files.KNOWN ISSUE: does not produce working CA-issued certificates. Use 1.6.2 for now.
--ecdsa
flag for future-proofingThe upside is that certificate generation for elliptical is faster (by about 20%), binary size is reduced (by about 33%), and less memory is used (by about %15).
The downside is that build times are slower (by about 30%), and RSA generation is very slow (several orders of magnitude!)
--reverse-std
to output certificate first, then key--rsa
to use 4096-bit RSA keys instead of ECDSA--inspect
supports IPv4, v6, Email, and URI names on certs--client
flag to generate client certificates (#1)--inspect url
.Expired: date
rather than Expires: date
.Y-m-d H:M:S