paranoia
certstrap
| paranoia | certstrap | |
|---|---|---|
| 3 | 8 | |
| 219 | 2,220 | |
| 0.9% | 1.5% | |
| 6.1 | 2.1 | |
| 15 days ago | 7 months ago | |
| Go | Go | |
| Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
paranoia
certstrap
- Selfhosted CA tutorial
-
How does the cert based authentication work?
So setup a CA (I find certstrap simplifies this), load the CA cert into Mosquitto (cafile). Then you can issue any number of certificates that will allow clients to connect (you don't need to touch the broker config when adding new clients).
-
How do you guys handle your PKI?
git clone https://github.com/square/certstrap cd certstrap git checkout v1.3.0 docker build -t squareup/certstrap . alias certstrap='docker run -i --rm -v $PWD:/out squareup/certstrap'
-
Step by step guide of setting up SSL/TLS for a server and client
I like certstrap for this sort of thing, personally. I used to bugger about with OpenSSL but that’s far too real ale these days.
-
Local domain HTTPS certs - whats it called and how do I do it?
There are many ways to do this but my favorite is Certstrap.
-
Stunnel working configuration - Help needed
Sounds like the issue is with your certificate itself, perhaps look at something which helps with local certificates management like https://github.com/square/certstrap
-
Quickly prototyping and testing TLS services with valid certs
If you want to create your own CA, Certstrap by Square is really handy and simple to setup. I use this to generate valid certs for all my internal services (NAS, ESXI, etc).
-
How to Setup PostgreSQL with SSL inside a Docker Container
Because OpenSSL is quite complex to use, we'll use certstrap for generation of certificates, install certstrap from here.
What are some alternatives?
certigo - A utility to examine and validate certificates in a variety of formats
ghostunnel - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.
CryptoFiscaFacile - Outil (en ligne de commande pour l'instant) vous permettant de rassembler toutes les transactions de vos différents échanges et wallets afin de constituer votre portefeuille global et ainsi vous aider à la déclaration fiscale française.
forge - A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
ssl-proxy - :lock: Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
forge - :electron: A complete tool for building and publishing Electron applications
utls - Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
mutual-tls-ssl - 🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included
nico - A HTTP3 web server for reverse proxy and single page application, automatically apply for ssl certificate, Zero-Configuration.
tlsreconciler - A Hitless TLS Certificate Rotation Reconciliation Library.
acmetool - :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.