django-ca
pki
| django-ca | pki | |
|---|---|---|
| 1 | 2 | |
| 134 | 320 | |
| - | 1.9% | |
| 9.7 | 9.8 | |
| about 2 hours ago | 5 days ago | |
| Python | Java | |
| GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
django-ca
-
Threat Actors Now Target Docker via Container Escape Features
django-ca is one way to manage a PKI including ACMEv2, OCSP, and a CRL (Certificate Revocation) list: https://github.com/mathiasertl/django-ca
"How can I verify client certificates against a CRL in Golang?" mentions a bit about crypto/tls and one position on CRLs:
pki
-
Opensource CA for client cert management
Dogtag may work if you want to hand off a UI. https://www.dogtagpki.org
-
SSL certs for services behind VPN?
You can use Dogtag (ACME Responder). You can use it for internal acme. You have to install your own ca on every client, though.
What are some alternatives?
bocker - Docker implemented in around 100 lines of bash
boulder - An ACME-based certificate authority, written in Go.
FreeIPA - Mirror of FreeIPA, an integrated security information management solution
dehydrated - letsencrypt/acme client implemented as a shell-script – just add water
trillian - A transparent, highly scalable and cryptographically verifiable data store.
certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
PKI.js - PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
acme-companion - Automated ACME SSL certificate generation for nginx-proxy
Moby - The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
mutual-tls-ssl - 🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included
gatekeeper - 🐊 Gatekeeper - Policy Controller for Kubernetes
ejbca-ce - EJBCA® – Open-source public key infrastructure (PKI) and certificate authority (CA) software.