onionmaker is a utility to create CSRs for Tor v3 services. The CSRs generated by this utility are suitable for validation of Tor v3 Onion Domain Names according to Appendix B of the CA/Browser Forum Baseline Requirements.
pip3 install onionmaker
onionmaker ca_random_value [hidden_service_dir]
You may need to run step 2 as root depending on the access permissions of the private key file.
onionmaker requires two command line arguments:
Argument | Description |
---|---|
ca_random_value | The Random Value supplied the CA. It must be a string consisting of 32 alphanumeric characters. |
hidden_service_dir | The configuration directory for the Tor v3 Onion service. Default value is /var/lib/tor/hidden_service . |
The utility will then create and sign a CSR with the specified private key, outputting the CSR to stdout.
This software bundles the orlp/ed25519 Ed25519 library for CSR signing. The distribution has been bundled unmodified except for omitting the Windows .dll binaries.`