mrbald · December 22, 2025 18:25
diff --git a/trustit.py b/trustit.py
 #!/usr/bin/env python3

 # Generated with ChatGPT 5.1 AI, test before using
 # Intended for test environments

 from pathlib import Path
 import typer
 import trustme

 app = typer.Typer(no_args_is_help=True)

 class KeyAlgo(str, Enum):
    rsa = "rsa"
    ecdsa = "ecdsa"

 def to_key_type(algo: KeyAlgo) -> trustme.KeyType:
    return trustme.KeyType.RSA if algo == KeyAlgo.rsa else trustme.KeyType.ECDSA

 def load_or_create_ca(p: Path, key_algo: KeyAlgo) -> trustme.CA:
    cert_p = p / "ca.crt.pem"
    key_p  = p / "ca.key.pem"
    if cert_p.exists() and key_p.exists():
        return trustme.CA.from_pem(cert_p.read_bytes(), key_p.read_bytes())

    ca = trustme.CA(key_type=to_key_type(key_algo))
    p.mkdir(parents=True, exist_ok=True)
    ca.cert_pem.write_to_path(cert_p)
    ca.private_key_pem.write_to_path(key_p)
    return ca

 @app.command()
 def init(
    dir: Path = Path(".certs"),
    key_algo: KeyAlgo = typer.Option(KeyAlgo.rsa, "--key-algo"),
 ):
    load_or_create_ca(dir, key_algo)
    typer.echo(f"Wrote {dir/'ca.crt.pem'} and {dir/'ca.key.pem'}")

 @app.command()
 def issue(
    name: str,
    identity: list[str] = typer.Option(..., "--id", help="SAN identities, repeatable"),
    dir: Path = Path(".certs"),
    key_algo: KeyAlgo = typer.Option(KeyAlgo.rsa, "--key-algo"),
    ca_key_algo: KeyAlgo = typer.Option(KeyAlgo.rsa, "--ca-key-algo"),
 ):
    ca = load_or_create_ca(dir, ca_key_algo)
    leaf = ca.issue_cert(*identity, common_name=name, key_type=to_key_type(key_algo))
    leaf.private_key_pem.write_to_path(dir / f"{name}.key.pem")

    cert_path = dir / f"{name}.crt.pem"
    first = True
    for blob in leaf.cert_chain_pems:
        blob.write_to_path(cert_path, append=not first)
        first = False

    typer.echo(f"key={dir/f'{name}.key.pem'}")
    typer.echo(f"cert(chain)={cert_path}")
    typer.echo(f"trust(CA)={dir/'ca.crt.pem'}")

 if __name__ == "__main__":
    app()
	#!/usr/bin/env python3

	# Generated with ChatGPT 5.1 AI, test before using
	# Intended for test environments

	from pathlib import Path
	import typer
	import trustme

	app = typer.Typer(no_args_is_help=True)

	class KeyAlgo(str, Enum):
	rsa = "rsa"
	ecdsa = "ecdsa"

	def to_key_type(algo: KeyAlgo) -> trustme.KeyType:
	return trustme.KeyType.RSA if algo == KeyAlgo.rsa else trustme.KeyType.ECDSA

	def load_or_create_ca(p: Path, key_algo: KeyAlgo) -> trustme.CA:
	cert_p = p / "ca.crt.pem"
	key_p = p / "ca.key.pem"
	if cert_p.exists() and key_p.exists():
	return trustme.CA.from_pem(cert_p.read_bytes(), key_p.read_bytes())

	ca = trustme.CA(key_type=to_key_type(key_algo))
	p.mkdir(parents=True, exist_ok=True)
	ca.cert_pem.write_to_path(cert_p)
	ca.private_key_pem.write_to_path(key_p)
	return ca

	@app.command()
	def init(
	dir: Path = Path(".certs"),
	key_algo: KeyAlgo = typer.Option(KeyAlgo.rsa, "--key-algo"),
	):
	load_or_create_ca(dir, key_algo)
	typer.echo(f"Wrote {dir/'ca.crt.pem'} and {dir/'ca.key.pem'}")

	@app.command()
	def issue(
	name: str,
	identity: list[str] = typer.Option(..., "--id", help="SAN identities, repeatable"),
	dir: Path = Path(".certs"),
	key_algo: KeyAlgo = typer.Option(KeyAlgo.rsa, "--key-algo"),
	ca_key_algo: KeyAlgo = typer.Option(KeyAlgo.rsa, "--ca-key-algo"),
	):
	ca = load_or_create_ca(dir, ca_key_algo)
	leaf = ca.issue_cert(*identity, common_name=name, key_type=to_key_type(key_algo))
	leaf.private_key_pem.write_to_path(dir / f"{name}.key.pem")

	cert_path = dir / f"{name}.crt.pem"
	first = True
	for blob in leaf.cert_chain_pems:
	blob.write_to_path(cert_path, append=not first)
	first = False

	typer.echo(f"key={dir/f'{name}.key.pem'}")
	typer.echo(f"cert(chain)={cert_path}")
	typer.echo(f"trust(CA)={dir/'ca.crt.pem'}")

	if __name__ == "__main__":
	app()
No results found