cert::KeyPairAlgorithm is not public

[jamesmunns]

When using rustls_cert_gen as a library, the CertificateBuilder::signature_algorithm function takes KeyPairAlgorithm as an argument, however the cert module is private, and cert::KeyPairAlgorithm is not exported. This means that CertificateBuilder::signature_algorithm cannot be used (or only used with Default::default(), the same as not using it).

Happy to open a PR to expose this (there might be other params missing too), just wanted to check if it was intentional.

[djc]

rustls-cert-gen is not intended as a libary interface. Are there issues with using rcgen?

[jamesmunns]

I figured that it was published as a lib, that I could use it as such :)

I'm sure I could copy and paste your code from that project and use rcgen and that would work fine.

[djc]

I'd rather add high-level API to rcgen where it is currently too clunky than support library API for the CLI crate.

[jamesmunns]

I mentioned it in the other issue, but https://github.com/OneVariable/rustls-self-signed-demo is what I came up with. I think having something like CertificateBuilder (and the types used by its methods), and maybe EndEntity and Ca as part of the public interface would be nice.

[djc]

If you'd be willing to submit a PR that moves some version of the CertificateBuilder into rcgen, that sounds like an interesting idea to me!