X.509
X.509 certificates containing hybrid and post-quantum public keys and signatures can be generated using our fork of OpenSSL using the common openssl ‘x509’ commands specifying post-quantum algorithm names as listed here.
For a full walk-through on generating post-quantum X.509 certificates, see the OQS-OpenSSL README section “TLS demo”.
The easiest way to execute post-quantum X509 operations is by using the pre-build Docker image at Docker hub.