Skip to main content

Reusable django app to generate and manage x509 certificates

Project description

https://travis-ci.org/openwisp/django-x509.svg https://coveralls.io/repos/openwisp/django-x509/badge.svg Requirements Status https://badge.fury.io/py/django-x509.svg

Simple reusable django app implementing x509 PKI certificates management.



Current features

  • CA generation

  • Import existing CAs

  • End entity certificate generation

  • Import existing certificates

  • Certificate revocation

  • CRL view (public or protected)

  • Possibility to specify x509 extensions on each certificate

Project goals

  • provide a simple and reusable x509 PKI management django app

  • provide abstract models that can be imported and extended in larger django projects

Install stable version from pypi

Install from pypi:

pip install django-x509

Install development version

Install tarball:

pip install https://github.com/openwisp/django-x509/tarball/master

Alternatively you can install via pip using git:

pip install -e git+git://github.com/openwisp/django-x509#egg=django-x509

If you want to contribute, install your cloned fork:

git clone git@github.com:<your_fork>/django-x509.git
cd django-x509
python setup.py develop

Setup (integrate in an existing django project)

Add django_x509 to INSTALLED_APPS:

INSTALLED_APPS = [
    # other apps
    'django_x509',
]

Add the URLs to your main urls.py:

urlpatterns = [
    # ... other urls in your project ...

    # django-x509 urls
    # keep the namespace argument unchanged
    url(r'^', include('django_x509.urls', namespace='x509')),
]

Then run:

./manage.py migrate

Installing for development

Install sqlite:

sudo apt-get install sqlite3 libsqlite3-dev

Install your forked repo:

git clone git://github.com/<your_fork>/django-x509
cd django-x509/
python setup.py develop

Install test requirements:

pip install -r requirements-test.txt

Create database:

cd tests/
./manage.py migrate
./manage.py createsuperuser

Launch development server:

./manage.py runserver

You can access the admin interface at http://127.0.0.1:8000/admin/.

Run tests with:

./runtests.py

Settings

DJANGO_X509_DEFAULT_CERT_VALIDITY

type:

int

default:

365

Default validity period (in days) when creating new x509 certificates.

DJANGO_X509_DEFAULT_CA_VALIDITY

type:

int

default:

3650

Default validity period (in days) when creating new Certification Authorities.

DJANGO_X509_DEFAULT_KEY_LENGTH

type:

int

default:

2048

Default key length for new CAs and new certificates.

Must be one of the following values:

  • 512

  • 1024

  • 2048

  • 4096

DJANGO_X509_DEFAULT_DIGEST_ALGORITHM

type:

str

default:

sha256

Default digest algorithm for new CAs and new certificates.

Must be one of the following values:

  • sha1

  • sha224

  • sha256

  • sha384

  • sha512

DJANGO_X509_CA_BASIC_CONSTRAINTS_CRITICAL

type:

bool

default:

True

Whether the basicConstraint x509 extension must be flagged as critical when creating new CAs.

DJANGO_X509_CA_BASIC_CONSTRAINTS_PATHLEN

type:

int or None

default:

0

Value of the pathLenConstraint of basicConstraint x509 extension used when creating new CAs.

When this value is a positive int it represents the maximum number of non-self-issued intermediate certificates that may follow the generated certificate in a valid certification path.

Set this value to None to avoid imposing any limit.

DJANGO_X509_CA_KEYUSAGE_CRITICAL

type:

bool

default:

True

Whether the keyUsage x509 extension should be flagged as “critical” for new CAs.

DJANGO_X509_CA_KEYUSAGE_VALUE

type:

str

default:

cRLSign, keyCertSign

Value of the keyUsage x509 extension for new CAs.

DJANGO_X509_CERT_KEYUSAGE_CRITICAL

type:

bool

default:

False

Whether the keyUsage x509 extension should be flagged as “critical” for new end-entity certificates.

DJANGO_X509_CERT_KEYUSAGE_VALUE

type:

str

default:

digitalSignature, keyEncipherment

Value of the keyUsage x509 extension for new end-entity certificates.

DJANGO_X509_CRL_PROTECTED

type:

bool

default:

False

Whether the view for downloading Certificate Revocation Lists should be protected with authentication or not.

Contributing

  1. Announce your intentions in the OpenWISP Mailing List

  2. Fork this repo and install it

  3. Follow PEP8, Style Guide for Python Code

  4. Write code

  5. Write tests for your code

  6. Ensure all tests pass

  7. Ensure test coverage does not decrease

  8. Document your changes

  9. Send pull request

Changelog

See CHANGES.

License

See LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-x509-0.1.2.tar.gz (21.3 kB view details)

Uploaded Source

Built Distribution

django_x509-0.1.2-py2.py3-none-any.whl (26.7 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file django-x509-0.1.2.tar.gz.

File metadata

  • Download URL: django-x509-0.1.2.tar.gz
  • Upload date:
  • Size: 21.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for django-x509-0.1.2.tar.gz
Algorithm Hash digest
SHA256 2a212b82a6d1a2ffdb69e80911616a7725ed95a9310583342a8321f94c98299c
MD5 483354cacf6811f8e3df225e0a68efdd
BLAKE2b-256 4621710f8b22b9330d85978bb48ce1e974c6631ed89d3449b5ddb0a55f7b1f36

See more details on using hashes here.

Provenance

File details

Details for the file django_x509-0.1.2-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for django_x509-0.1.2-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 dc512cbbd321c8d57e5913219033e586a3e4a32074d5cee6d6b786dad1077754
MD5 6208867400e92a693944d75a55170602
BLAKE2b-256 867afa33ec5e08144c5e90ee3af8a8242bf76958d96916bdc077feaf6634cf72

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page