pki
django-ca
pki | django-ca | |
---|---|---|
2 | 1 | |
320 | 134 | |
1.9% | - | |
9.8 | 9.7 | |
7 days ago | 2 days ago | |
Java | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pki
-
Opensource CA for client cert management
Dogtag may work if you want to hand off a UI. https://www.dogtagpki.org
-
SSL certs for services behind VPN?
You can use Dogtag (ACME Responder). You can use it for internal acme. You have to install your own ca on every client, though.
django-ca
-
Threat Actors Now Target Docker via Container Escape Features
django-ca is one way to manage a PKI including ACMEv2, OCSP, and a CRL (Certificate Revocation) list: https://github.com/mathiasertl/django-ca
"How can I verify client certificates against a CRL in Golang?" mentions a bit about crypto/tls and one position on CRLs:
What are some alternatives?
boulder - An ACME-based certificate authority, written in Go.
bocker - Docker implemented in around 100 lines of bash
dehydrated - letsencrypt/acme client implemented as a shell-script – just add water
FreeIPA - Mirror of FreeIPA, an integrated security information management solution
certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
trillian - A transparent, highly scalable and cryptographically verifiable data store.
acme-companion - Automated ACME SSL certificate generation for nginx-proxy
PKI.js - PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
mutual-tls-ssl - 🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included
Moby - The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
ejbca-ce - EJBCA® – Open-source public key infrastructure (PKI) and certificate authority (CA) software.
gatekeeper - 🐊 Gatekeeper - Policy Controller for Kubernetes