Struct X509Builder 

pub struct X509Builder(/* private fields */);

A builder used to construct an X509.

Implementations

impl X509Builder

pub fn new() -> Result<X509Builder, ErrorStack>

Creates a new builder.

This corresponds to X509_new.

pub fn set_not_after( &mut self, not_after: &Asn1TimeRef, ) -> Result<(), ErrorStack>

Sets the notAfter constraint on the certificate.

This corresponds to X509_set1_notAfter.

pub fn set_not_before( &mut self, not_before: &Asn1TimeRef, ) -> Result<(), ErrorStack>

Sets the notBefore constraint on the certificate.

This corresponds to X509_set1_notBefore.

pub fn set_version(&mut self, version: i32) -> Result<(), ErrorStack>

Sets the version of the certificate.

Note that the version is zero-indexed; that is, a certificate corresponding to version 3 of the X.509 standard should pass 2 to this method.

This corresponds to X509_set_version.

pub fn set_serial_number( &mut self, serial_number: &Asn1IntegerRef, ) -> Result<(), ErrorStack>

Sets the serial number of the certificate.

This corresponds to X509_set_serialNumber.

pub fn set_issuer_name( &mut self, issuer_name: &X509NameRef, ) -> Result<(), ErrorStack>

Sets the issuer name of the certificate.

This corresponds to X509_set_issuer_name.

pub fn set_subject_name( &mut self, subject_name: &X509NameRef, ) -> Result<(), ErrorStack>

Sets the subject name of the certificate.

When building certificates, the C, ST, and O options are common when using the openssl command line tools. The CN field is used for the common name, such as a DNS name.

use openssl::x509::{X509, X509NameBuilder};

let mut x509_name = openssl::x509::X509NameBuilder::new().unwrap();
x509_name.append_entry_by_text("C", "US").unwrap();
x509_name.append_entry_by_text("ST", "CA").unwrap();
x509_name.append_entry_by_text("O", "Some organization").unwrap();
x509_name.append_entry_by_text("CN", "www.example.com").unwrap();
let x509_name = x509_name.build();

let mut x509 = openssl::x509::X509::builder().unwrap();
x509.set_subject_name(&x509_name).unwrap();

This corresponds to X509_set_subject_name.

pub fn set_pubkey<T>(&mut self, key: &PKeyRef<T>) -> Result<(), ErrorStack>

where T: HasPublic,

Sets the public key associated with the certificate.

This corresponds to X509_set_pubkey.

pub fn x509v3_context<'a>( &'a self, issuer: Option<&'a X509Ref>, conf: Option<&'a ConfRef>, ) -> X509v3Context<'a>

Returns a context object which is needed to create certain X509 extension values.

Set issuer to None if the certificate will be self-signed.

This corresponds to X509V3_set_ctx.

pub fn append_extension( &mut self, extension: X509Extension, ) -> Result<(), ErrorStack>

Adds an X509 extension value to the certificate.

This works just as append_extension except it takes ownership of the X509Extension.

pub fn append_extension2( &mut self, extension: &X509ExtensionRef, ) -> Result<(), ErrorStack>

Adds an X509 extension value to the certificate.

This corresponds to X509_add_ext.

pub fn sign<T>( &mut self, key: &PKeyRef<T>, hash: MessageDigest, ) -> Result<(), ErrorStack>

where T: HasPrivate,

Signs the certificate with a private key.

This corresponds to X509_sign.

pub fn build(self) -> X509

Consumes the builder, returning the certificate.

Layout

Note: Most layout information is completely unstable and may even differ between compilations. The only exception is types with certain repr(...) attributes. Please see the Rust Reference's “Type Layout” chapter for details on type layout guarantees.

Size: 8 bytes