Is there a simple C library or function to programmatically generate a self-signed certificate in C on Ubuntu? Of course, one can execute a simple system("....") call to execute a CLI. I am looking for a native, small, stand-alone library just for this purpose with possibly added functionality but not with the full-weight of TLS implementations such as openssl, boringssl, mbedTls, etc.
Asked
Active
Viewed 137 times
1
-
You're running Ubuntu but you can't just link to the OpenSSL library? – user Jun 22 '20 at 13:26
-
I’m voting to close this question because "Is there a product/service that does X?" questions are off-topic. – schroeder Jun 22 '20 at 14:05
1 Answers
2
Is there a simple C library or function to programmatically generate a self-signed Certificate in C on Ubuntu?
One that isn't OpenSSL on a base Ubuntu system? No.
I am looking for a native small stand-alone library just for this purpose with possibly added functionality but not with the full-weight of TLS implementations such as openssl, boringssl, mbedTls, etc.
It may be possible to isolate some of the code and make it into a standalone method somehow, but I'd discourage this route. It's unlikely that such a tool or library exists for this task on its own.
Use a known, maintained TLS library for this. Even if it will ever only be generating self-signed certs.
Pedro
- 3,911
- 11
- 25
-
I agree with @Pedro. Creating self-signed certificates involves ASN.1, X.509, and DER encoding. See the answer by Marteen Bodewes at https://crypto.stackexchange.com/questions/40157/parsing-of-x-509-certificates for why you want to stick with with the tried and true for this. – mti2935 Jun 22 '20 at 14:11
-
@Pedro Will wait for a few more responses if there is nothing available, will accept as answer. – asinix Jun 22 '20 at 14:30