✏️ Editing: README Read Only

The following command has been used to generate test keys:

for x in 256 512 2048; do openssl genrsa -out rsa${k}_key.pem $k; done

For the elliptic curve private keys, this command was used:

for k in "prime256v1" "secp384r1" "secp521r1" do
	    openssl genpkey -algorithm ${k} -out ec_${k}_key.pem
    done

and for the CSR PEM (Certificate Signing Request):

openssl req -new -out csr-Xsans_X.pem -key rsa512_key.pem [-config csr-Xsans_X.conf | -subj '/CN=example.com'] [-outform DER > csr_X.der]

and for the certificate:

openssl req -new -out cert_X.pem -key rsaX_key.pem -subj '/CN=example.com' -x509 [-outform DER > cert_X.der]

`csr-mixed.pem` was generated with pyca/cryptography using the following snippet:

from cryptography import x509
	from cryptography.hazmat.primitives import hashes, serialization
	k = serialization.load_pem_private_key(
	    open("./acme/acme/_internal/tests/testdata/rsa2048_key.pem", "rb").read(), None
	)
	csr = (
	    x509.CertificateSigningRequestBuilder().add_extension(
	        x509.SubjectAlternativeName([x509.DNSName('a.exemple.com'), x509.IPAddress(ipaddress.ipaddr('192.0.2.111'))]),
	        critical=False
	    ).subject_name(
	        x509.Name([])
	    ).sign(
	        k, hashes.SHA256()
	    )
	)
	open("./acme/acme/_internal/tests/testdata/csr-mixed.pem", "wb").write(
	    csr.public_bytes(serialization.Encoding.PEM)
	)

🔐 Sid Gifari File Manager Pro