
michaelklishin / Tls Gen

Licence: mpl-2.0
Generates self-signed x509/TLS/SSL certificates useful for development


TLS/SSL Certificate Generator

tls-gen is an OpenSSL-based tool that generates self-signed certificates that are meant to be used in development and QA environments.

The project was originally extracted from a number of RabbitMQ test suites.

What It Does

tls-gen generates a self-signed Certificate Authority (CA) certificate and two or more pairs of keys: client and server, all with a single command.

It supports several profiles that generate certificate chains of different length and "shape".

Private keys can be generated using RSA as well as ECC.

Prerequisites

tls-gen requires

  • openssl
  • Python 3.5 or later in PATH as python3 (older versions are not supported)
  • make

Usage

Certificate authorities (CAs) and certificates can form chains. tls-gen provides several "profiles" that produce different kinds of certificate chains:

  • Profile 1: a root CA with leaf certificate/key pairs signed by it
  • Profile 2: a root CA with multiple shared intermediary certificates and leaf pairs signed by the intermediaries
  • Profile 3: a root CA with two intermediary certificates (one for server, one for client) and leaf pairs signed by the intermediaries

Each profile has a sub-directory in the repository root. All profiles use the same make targets, and their directory layouts are kept as close to each other as possible.

Profile 1 (Basic Profile)

To generate a CA, client and server private key/certificate pairs, run make from the basic profile directory with the PASSWORD variable providing the passphrase:

cd [path to tls-gen repository]/basic
# pass a password using the PASSWORD variable
make PASSWORD=bunnies
# results will be under the ./result directory
ls -lha ./result

The generated CA certificate, as well as the client and server certificates and private keys, will be under the result directory.

It is possible to use ECC for leaf keys:

cd [path to tls-gen repository]/basic
# pass a password using the PASSWORD variable
make PASSWORD=bunnies USE_ECC=true ECC_CURVE="prime256v1"
# results will be under the ./result directory
ls -lha ./result

The list of available curves can be obtained with

openssl ecparam -list_curves

Profile 2 (Shared Chained Certificates)

To generate a root CA, 2 shared intermediate CAs, client and server key/certificate pairs, run make from the two_shared_intermediates directory:

make PASSWORD=bunnies
# results will be under the ./result directory
ls -lha ./result

It is possible to use ECC for intermediate and leaf keys:

make PASSWORD=bunnies USE_ECC=true ECC_CURVE="prime256v1"
# results will be under the ./result directory
ls -lha ./result

The list of available curves can be obtained with

openssl ecparam -list_curves

Profile 3 (Separate Certificate Chains)

To generate a root CA, 2 intermediate CAs (one for server, one for client), client and server key/certificate pairs, run make from the separate_intermediates directory:

make PASSWORD=bunnies
# results will be under the ./result directory
ls -lha ./result

It is possible to use ECC for intermediate and leaf keys:

make PASSWORD=bunnies USE_ECC=true ECC_CURVE="prime256v1"
# results will be under the ./result directory
ls -lha ./result

The list of available curves can be obtained with

openssl ecparam -list_curves

Regeneration

To generate a new set of keys and certificates, use

make regen PASSWORD=bunnies

The regen target accepts the same variables as gen (default target) above.

Verification

You can verify the generated client and server certificates against the generated CA certificate with

make verify

Overriding CN (Common Name)

By default, the certificate's CN (Common Name) is derived from the hostname.

It is possible to override CN with a make variable:

make PASSWORD=bunnies CN=secure.mydomain.local

Overriding Certificate Validity Period

By default, certificates will be valid for 3650 days (about 10 years). The period can be changed by overriding the DAYS_OF_VALIDITY variable:

make PASSWORD=bunnies DAYS_OF_VALIDITY=365

Generating Expired Certificates

It may be necessary to generate an expired certificate, e.g. to test TLS handshake and peer verification failures. To do so, set the certificate validity in days to a negative value:

make PASSWORD=bunnies DAYS_OF_VALIDITY=-7
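
The chain check described under Verification and the expired-certificate failure described here can be reproduced with plain openssl. This is an added example, not part of tls-gen or its README: it builds a throwaway CA and leaf in a temporary directory and verifies the leaf both now and at a time past its expiry. All function, file and subject names are made up for the example and are not tls-gen's output layout.

```bash
#!/usr/bin/env bash
# Added example: constructed CA + leaf, built with openssl only (not tls-gen files).

# Create a CA (valid 30 days) and a leaf signed by it (valid 1 day) in directory $1.
make_test_chain() {
  dir="$1"
  # Minimal config so the result does not depend on the system openssl.cnf
  cat > "$dir/openssl.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = Example Test CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -config "$dir/openssl.cnf" -extensions v3_ca \
    -keyout "$dir/ca_key.pem" -out "$dir/ca_cert.pem" 2>/dev/null &&
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=localhost" \
    -config "$dir/openssl.cnf" \
    -keyout "$dir/leaf_key.pem" -out "$dir/leaf.csr" 2>/dev/null &&
  openssl x509 -req -in "$dir/leaf.csr" -days 1 \
    -CA "$dir/ca_cert.pem" -CAkey "$dir/ca_key.pem" -CAcreateserial \
    -out "$dir/leaf_cert.pem" 2>/dev/null
}

# Verify the leaf in $1 against its CA as of Unix time $2 (default: now).
# Prints OK, EXPIRED or FAILED.
verify_leaf() {
  dir="$1"
  at="${2:-$(date +%s)}"
  out=$(openssl verify -attime "$at" -CAfile "$dir/ca_cert.pem" \
        "$dir/leaf_cert.pem" 2>&1) || true
  case "$out" in
    *"certificate has expired"*) echo EXPIRED ;;
    *": OK"*)                    echo OK ;;
    *)                           echo FAILED ;;
  esac
}

# Demo: same certificate, checked today and three days from now.
demo_dir=$(mktemp -d)
make_test_chain "$demo_dir"
echo "checked now:            $(verify_leaf "$demo_dir")"
echo "checked 3 days from now: $(verify_leaf "$demo_dir" $(( $(date +%s) + 3 * 86400 )))"
rm -rf "$demo_dir"
```

A TLS client that validates its peer rejects the handshake for the same reason the second check fails, which is the behaviour an expired test certificate is meant to exercise.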

Overriding Number of Private Key Bits

It is possible to override the number of private key bits with a make variable:

make PASSWORD=bunnies NUMBER_OF_PRIVATE_KEY_BITS=4096

Certificate Information

To display information about generated certificates, use

make info

This assumes the certificates were previously generated.

License

Mozilla Public License, see LICENSE.
