django-x509 1.2

DJANGO_X509_DEFAULT_CERT_VALIDITY

Default validity period (in days) when creating new x509 certificates.

DJANGO_X509_DEFAULT_CA_VALIDITY

Default validity period (in days) when creating new Certification Authorities.

DJANGO_X509_DEFAULT_KEY_LENGTH

Default key length for new CAs and new certificates.

Must be one of the following values:

• 512

• 1024

• 2048

• 4096

DJANGO_X509_DEFAULT_DIGEST_ALGORITHM

Default digest algorithm for new CAs and new certificates.

Must be one of the following values:

• sha1

• sha224

• sha256

• sha384

• sha512

DJANGO_X509_CA_BASIC_CONSTRAINTS_CRITICAL

Whether the basicConstraint x509 extension must be flagged as critical when creating new CAs.

DJANGO_X509_CA_BASIC_CONSTRAINTS_PATHLEN

Value of the pathLenConstraint of basicConstraint x509 extension used when creating new CAs.

When this value is a positive int it represents the maximum number of non-self-issued intermediate certificates that may follow the generated certificate in a valid certification path.

Set this value to None to avoid imposing any limit.

DJANGO_X509_CA_KEYUSAGE_CRITICAL

Whether the keyUsage x509 extension should be flagged as “critical” for new CAs.

DJANGO_X509_CA_KEYUSAGE_VALUE

Value of the keyUsage x509 extension for new CAs.

DJANGO_X509_CERT_KEYUSAGE_CRITICAL

Whether the keyUsage x509 extension should be flagged as “critical” for new end-entity certificates.

DJANGO_X509_CERT_KEYUSAGE_VALUE

Value of the keyUsage x509 extension for new end-entity certificates.

DJANGO_X509_CRL_PROTECTED

Whether the view for downloading Certificate Revocation Lists should be protected with authentication or not.

1. Initialize your custom module

The first thing you need to do is to create a new django app which will contain your custom version of django-x509.

A django app is nothing more than a python package (a directory of python scripts), in the following examples we’ll call this django app myx509, but you can name it how you want:

django-admin startapp myx509

Keep in mind that the command mentioned above must be called from a directory which is available in your PYTHON_PATH so that you can then import the result into your project.

Now you need to add myx509 to INSTALLED_APPS in your settings.py, ensuring also that django_x509 has been removed:

INSTALLED_APPS = [
    # ... other apps ...
    # 'django_x509'  <-- comment out or delete this line
    "myx509"
]

For more information about how to work with django projects and django apps, please refer to the django documentation.

2. Install django-x509 & openwisp-utils

Install (and add to the requirement of your project):

pip install django-x509 openwisp-utils

3. Add EXTENDED_APPS

Add the following to your settings.py:

EXTENDED_APPS = ["django_x509"]

4. Add openwisp_utils.staticfiles.DependencyFinder

Add openwisp_utils.staticfiles.DependencyFinder to STATICFILES_FINDERS in your settings.py:

STATICFILES_FINDERS = [
    "django.contrib.staticfiles.finders.FileSystemFinder",
    "django.contrib.staticfiles.finders.AppDirectoriesFinder",
    "openwisp_utils.staticfiles.DependencyFinder",
]

5. Add openwisp_utils.loaders.DependencyLoader

Add openwisp_utils.loaders.DependencyLoader to TEMPLATES in your settings.py:

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "OPTIONS": {
            "loaders": [
                "django.template.loaders.filesystem.Loader",
                "django.template.loaders.app_directories.Loader",
                "openwisp_utils.loaders.DependencyLoader",
            ],
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    }
]

6. Inherit the AppConfig class

Please refer to the following files in the sample app of the test project:

• sample_x509/__init__.py.

• sample_x509/apps.py.

You have to replicate and adapt that code in your project.

For more information regarding the concept of AppConfig please refer to the “Applications” section in the django documentation.

7. Create your custom models

Here we provide an example of how to extend the base models of django-x509. We added a simple “details” field to the models for demostration of modification:

from django.db import models
from django_x509.base.models import AbstractCa, AbstractCert


class DetailsModel(models.Model):
    details = models.CharField(max_length=64, blank=True, null=True)

    class Meta:
        abstract = True


class Ca(DetailsModel, AbstractCa):
    """
    Concrete Ca model
    """

    class Meta(AbstractCa.Meta):
        abstract = False


class Cert(DetailsModel, AbstractCert):
    """
    Concrete Cert model
    """

    class Meta(AbstractCert.Meta):
        abstract = False

You can add fields in a similar way in your models.py file.

Note: for doubts regarding how to use, extend or develop models please refer to the “Models” section in the django documentation.

8. Add swapper configurations

Once you have created the models, add the following to your settings.py:

# Setting models for swapper module
DJANGO_X509_CA_MODEL = "myx509.Ca"
DJANGO_X509_CERT_MODEL = "myx509.Cert"

Substitute myx509 with the name you chose in step 1.

9. Create database migrations

Create and apply database migrations:

./manage.py makemigrations
./manage.py migrate

For more information, refer to the “Migrations” section in the django documentation.

10. Create the admin

Refer to the admin.py file of the sample app.

To introduce changes to the admin, you can do it in two main ways which are described below.

Note: for more information regarding how the django admin works, or how it can be customized, please refer to “The django admin site” section in the django documentation.

from django_x509.admin import CaAdmin, CertAdmin

CaAdmin.list_display.insert(
    1, "my_custom_field"
)  # <-- your custom change example
CertAdmin.list_display.insert(
    1, "my_custom_field"
)  # <-- your custom change example

from django.contrib import admin
from swapper import load_model

from django_x509.base.admin import AbstractCaAdmin, AbstractCertAdmin

Ca = load_model("django_x509", "Ca")
Cert = load_model("django_x509", "Cert")


class CertAdmin(AbstractCertAdmin):
    pass
    # add your changes here


class CaAdmin(AbstractCaAdmin):
    pass
    # add your changes here


admin.site.register(Ca, CaAdmin)
admin.site.register(Cert, CertAdmin)

11. Create root URL configuration

Please refer to the urls.py file in the test project.

For more information about URL configuration in django, please refer to the “URL dispatcher” section in the django documentation.

12. Import the automated tests

When developing a custom application based on this module, it’s a good idea to import and run the base tests too, so that you can be sure the changes you’re introducing are not breaking some of the existing features of django-x509.

In case you need to add breaking changes, you can overwrite the tests defined in the base classes to test your own behavior.

from django.test import TestCase
from django_x509.tests.base import TestX509Mixin
from django_x509.tests.test_admin import (
    ModelAdminTests as BaseModelAdminTests,
)
from django_x509.tests.test_ca import TestCa as BaseTestCa
from django_x509.tests.test_cert import TestCert as BaseTestCert


class ModelAdminTests(BaseModelAdminTests):
    app_label = "myx509"


class TestCert(BaseTestCert):
    pass


class TestCa(BaseTestCa):
    pass


del BaseModelAdminTests
del BaseTestCa
del BaseTestCert

Now, you can then run tests with:

# the --parallel flag is optional
./manage.py test --parallel myx509

Substitute myx509 with the name you chose in step 1.

For more information about automated tests in django, please refer to “Testing in Django”.