Command cert
The command certs lets you manage ROOT certificates and create new ones.
Export the default ROOT CA
The command cert export
allows you to export the default ROOT CA of fluxzy.
fluxzy cert export -o "my-root-ca.cer"
Create a new ROOT CA
The command cert create
allows you to create a new ROOT CA.
fluxzy cert create mycert.p12 "MYCN"
The command above will create a 2048 bits RSA certificate with CN=MYCN
. More options are available to add more information about the subject, to change the key size, to set an AES key on the p12 file, ....
Define a ROOT CA at user level
You can define a ROOT CA at user level by using the command cert default
. The defined root certificate will be implicitly used by all fluxzy application (CLI, Fluxzy.Core and Desktop).
# Create a new ROOT CA
fluxzy cert create MyCustomCa.p12 MyCN
# Define the ROOT CA at user level
fluxzy cert default MyCustomCa.p12
If the provided PKCS12 file is password protected, Fluxzy will expect to read the password from the environment variable FLUXZY_ROOT_CERTIFICATE_PASSWORD
.
The PKCS12 file will be stored on %appdata%/.fluxzy/rootca.pfx
on Windows and ~/.fluxzy/rootca.pfx
on Linux and macOS.
Add a ROOT CA to the default store
The command cert install-cert
allows you to add a ROOT CA to the default store of the running OS. This command accepts as argument a path to a X509 certificate file.
fluxzy cert install-cert mycert.crt