GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → voltone → X509

voltone / X509

Licence: bsd-3-clause
Elixir package for working with X.509 certificates, Certificate Signing Requests (CSRs), Certificate Revocation Lists (CRLs) and RSA/ECC key pairs

Programming Languages

elixir
2628 projects

Labels

certificatex509pki

Projects that are alternatives of or similar to X509

pki-manager
IT Freelancers : Manage small PKI for multiple projects (or clients) with 2 bash scripts
Stars: ✭ 36 (-47.06%)
Mutual labels:  certificate, x509, pki
Aspnetcorecertificates
Certificate Manager in .NET Core for creating and using X509 certificates
Stars: ✭ 135 (+98.53%)
Mutual labels:  certificate, x509, pki
x509sak
X.509 Swiss Army Knife is a toolkit atop OpenSSL to ease generation of CAs and aid white-hat pentesting
Stars: ✭ 23 (-66.18%)
Mutual labels:  certificate, x509, pki
Pspki
PowerShell PKI Module
Stars: ✭ 189 (+177.94%)
Mutual labels:  certificate, x509, pki
Certlint
X.509 certificate linter, written in Go
Stars: ✭ 60 (-11.76%)
Mutual labels:  certificate, x509, pki
ocaml-x509
X509 (RFC5280) handling in OCaml
Stars: ✭ 40 (-41.18%)
Mutual labels:  x509, pki
CertificateDsc
DSC resources to simplify administration of certificates on a Windows Server.
Stars: ✭ 103 (+51.47%)
Mutual labels:  certificate, pki
Openxpki
OpenXPKI Code
Stars: ✭ 304 (+347.06%)
Mutual labels:  x509, pki
Openssl Nodejs
is a package which gives you a possibility to run every OpenSSL command 🔒 in Node.js in a handy way. Moreover, parameters like -in, -keyin, -config and etc can be replaced by a raw data (Buffor).
Stars: ✭ 25 (-63.24%)
Mutual labels:  certificate, x509
pki
Certificate Authority management suite
Stars: ✭ 23 (-66.18%)
Mutual labels:  x509, pki
Webpki
WebPKI X.509 Certificate Validation in Rust
Stars: ✭ 311 (+357.35%)
Mutual labels:  certificate, x509
Pki.js
PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
Stars: ✭ 960 (+1311.76%)
Mutual labels:  certificate, pki
efm-certvalidator
Certificate validator for X.509 certificates.
Stars: ✭ 25 (-63.24%)
Mutual labels:  certificate, x509
concerto
A command line tool and a library to generate TLS certificates for development purposes.
Stars: ✭ 34 (-50%)
Mutual labels:  certificate, x509
Certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Stars: ✭ 3,693 (+5330.88%)
Mutual labels:  x509, pki
kmgm
🔐🔗 Generate certs for your cluster, easy way
Stars: ✭ 22 (-67.65%)
Mutual labels:  x509, pki
Xipki
Highly scalable and high-performance open source PKI (CA and OCSP responder). Minimal dependencies, No-JPA, No-Spring
Stars: ✭ 311 (+357.35%)
Mutual labels:  certificate, pki
Sharkey
Sharkey is a service for managing certificates for use by OpenSSH
Stars: ✭ 360 (+429.41%)
Mutual labels:  certificate, pki
Pebble
A miniature version of Boulder, Pebble is a small RFC 8555 ACME test server not suited for a production certificate authority. Let's Encrypt is hiring! Work on Pebble with us.
Stars: ✭ 359 (+427.94%)
Mutual labels:  x509, pki
Forge
A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
Stars: ✭ 4,204 (+6082.35%)
Mutual labels:  certificate, x509
View All Similar Projects ➔

X509

Github.com Hex.pm Hexdocs.pm Hex.pm Hex.pm Github.com

Elixir package for working with X.509 certificates, Certificate Signing Requests (CSRs), Certificate Revocation Lists (CRLs) and RSA/ECC key pairs.

Requires Erlang/OTP 20.1 or later.

Development and public release of this package were made possible by Bluecode.

Usage

As a Certificate Authority (CA)

Generate a self-signed CA certificate and private key, using the root_ca template:

iex> ca_key = X509.PrivateKey.new_ec(:secp256r1)
{:ECPrivateKey, ...}
iex> ca = X509.Certificate.self_signed(ca_key,
...>   "/C=US/ST=CA/L=San Francisco/O=Acme/CN=ECDSA Root CA",
...>   template: :root_ca
...>)
{:OTPCertificate, ...}

Use the CA certificate to issue a server certificate, using the default server template and the given SAN hostnames:

iex> my_key = X509.PrivateKey.new_ec(:secp256r1)
{:ECPrivateKey, ...}
iex> my_cert = my_key |>
...> X509.PublicKey.derive() |>
...> X509.Certificate.new(
...>   "/C=US/ST=CA/L=San Francisco/O=Acme/CN=Sample",
...>   ca, ca_key,
...>   extensions: [
...>     subject_alt_name: X509.Certificate.Extension.subject_alt_name(["example.org", "www.example.org"])
...>   ]
...> )
{:OTPCertificate, ...}

Or sign a certificate based on an incoming CSR:

iex> csr = X509.CSR.from_pem!(pem_string)
{:CertificationRequest, ...}
iex> subject = X509.CSR.subject(csr)
{:rdnSequence, ...}
iex> my_cert = csr |>
...> X509.CSR.public_key() |>
...> X509.Certificate.new(
...>   subject,
...>   ca, ca_key,
...>   extensions: [
...>     subject_alt_name: X509.Certificate.Extension.subject_alt_name(["example.org", "www.example.org"])
...>   ]
...> )

With :public_key for encryption/signing

Please refer to the documentation for the X509.PrivateKey module for examples showing asymmetrical encryption and decryption, as well as message signing and verification, with Erlang/OTP's :public_key APIs.

For TLS client/server testing

The x509.gen.selfsigned Mix task generates a self-signed certificate for use with a TLS server in development or testing.

The X509.Test.Suite and X509.Test.Server modules may be used to create test cases for TLS clients. The server_test.exs file can serve as a template: update the request/2 function to invoke of the TLS client under test, make sure it returns the expected response format, and update the test server's canned response in the test module's setup if necessary.

You may want to include the X509 package only in the 'dev' and/or 'test' environments for this use-case, by adding an only: ... clause to the dependency definition in your Mix file.

Installation

Add x509 to your list of dependencies in mix.exs:

def deps do
  [
    {:x509, "~> 0.8"}
  ]
end

Documentation can be found at https://hexdocs.pm/x509.

License

Copyright (c) 2019, Bram Verburg All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  • Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

  • Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].