zeasypki -- easy PKI
This is helper script for managing X.509 TLS PKI.
-ECDSA keypairs are handled with GnuTLS'es certtool.
-GOST keypairs are handled with PyGOST'es utilities
-(http://www.pygost.cypherpunks.ru).
+ECDSA and EdDSA keypairs are handled with GnuTLS'es certtool.
+GOST keypairs are handled with GoGOST'es utilities
+(http://www.gogost.cypherpunks.ru).
CA certificates have 10 years validity lifetime.
EE certificates have 365 days one.
-EE certificates contain only domain name and a country.
+EE certificates contain only domain name and optionally a country.
-Edit zeasypki to suit your needs and working environment. Probably you
-want to change goston(), that activates PyGOST venv and key encryption
-procedures.
+Edit zeasypki to suit your needs and working environment. Probably you want
+to change path-variable setting, that points to GoGOST'es built utilities.
* Create CA keypairs:
$ mkdir mypki && cd mypki
* Optionally encrypt them (that also can be done with EE keypairs too):
$ zeasypki encrypt ca/ecdsa/ecdsa-root.com
- [GnuPG is invoked here]
+ [age is invoked here]
$ print ca/ecdsa/ecdsa-root.com/*
cer.pem
key.pem.enc