MbedTLS-CLU is a C application which makes use of the MbedTLS SSL library for the creation of Public Key Infrastructure.
This tool has been initially created with the Gargoyle Router Project in mind, but may be useful to others.
MbedTLS-CLU is tested and compiled against v2.28.9, with one additional patch required to add extended key usage extension into the codebase
MbedTLS-CLU is a minimal set of command line tools for use with OpenVPN EasyRSA 3 and the Gargoyle Router Project firmware. It can:
- Generate random bytes
- Generate Diffie-Hellman parameters
- Generate Certificate Requests
- Generate Certificates
- Sign Certificates
- Act as a mini Certificate Authority
It is designed to be mostly compatible with the equivalent OpenSSL utilities (openssl)
MbedTLS-CLU is not a full replacement for the equivalent OpenSSL utilities. Not all features are supported.