diff --git a/Cargo.lock b/Cargo.lock
index 3aec39c..16ed252 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -876,6 +876,7 @@ dependencies = [
 name = "server"
 version = "0.1.0"
 dependencies = [
+ "base64",
  "clap",
  "common",
  "miette",
diff --git a/Cargo.toml b/Cargo.toml
index 4001bfe..863bd31 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,6 +10,7 @@ license = "MIT OR Apache-2.0"
 
 [workspace.dependencies]
 aws-lc-rs = "1"
+base64 = "0.22"
 cargo-husky = { version = "1", default-features = false, features = [
   "user-hooks",
 ] }
diff --git a/server/Cargo.toml b/server/Cargo.toml
index 64a6517..a02630a 100644
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@@ -5,6 +5,7 @@ authors.workspace = true
 edition.workspace = true
 
 [dependencies]
+base64.workspace = true
 clap.workspace = true
 common.workspace = true
 miette.workspace = true
diff --git a/server/src/main.rs b/server/src/main.rs
index 4cc8f1e..c28e854 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -4,6 +4,7 @@
 //! - Reads 8-byte little-endian u64 (requested payload size N)
 //! - Responds with exactly N bytes (deterministic pattern)
 
+use base64::prelude::*;
 use clap::Parser;
 use common::{
     KeyExchangeMode,
@@ -21,7 +22,7 @@ use rustls::{
     server::Acceptor,
     version::TLS13,
 };
-use std::{env, fmt::Write, io::ErrorKind, net::SocketAddr, sync::Arc};
+use std::{env, io::ErrorKind, net::SocketAddr, sync::Arc};
 use tokio::{
     io::AsyncWriteExt,
     net::{TcpListener, TcpStream},
@@ -171,44 +172,13 @@ async fn main() -> miette::Result<()> {
     let tls_config = build_tls_config(args.mode, &server_cert)?;
 
     info!(
-        ca_cert_base64 = base64_encode(&ca.cert_der)
-            .lines()
-            .take(3)
+        ca_cert_base64 = BASE64_STANDARD
+            .encode(ca.cert_der)
+            .chars()
+            .take(256)
             .collect::<String>(),
         "CA cert (truncated)"
     );
 
     run_server(args, tls_config).await
 }
-
-/// Simple base64 encoding for certificate display.
-fn base64_encode(data: &[u8]) -> String {
-    const ALPHABET: &[u8] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-    let mut result = String::new();
-    for chunk in data.chunks(3) {
-        let mut n = 0;
-        for (i, &byte) in chunk.iter().enumerate() {
-            n |= u32::from(byte) << (16 - 8 * i);
-        }
-
-        for i in 0..=chunk.len() {
-            let idx = ((n >> (18 - 6 * i)) & 0x3F) as usize;
-            result.push(ALPHABET[idx] as char);
-        }
-
-        for _ in chunk.len()..3 {
-            result.push('=');
-        }
-    }
-
-    let mut wrapped = String::new();
-    for (i, c) in result.chars().enumerate() {
-        if i > 0 && i % 76 == 0 {
-            let _ = writeln!(wrapped);
-        }
-        wrapped.push(c);
-    }
-
-    wrapped
-}