This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

A tool for managing the signing and generation of CSRs as well as the creation of certificate Authorities

Features

  • Its not the openssl command
  • Sane flags
  • Its not the openssl command
  • internal API to leverage in your own apps
  • Its not the openssl command
  • Single File Certificate store based off sqlite makes backups easy
  • Human readable times that become more accurate as the appointed time gets closer eg ‘3 days from now’ to ‘3 hours from now’ to ‘03:14’
  • Ability to add comments to certificates, keys and requests
  • Generate CRLs’
  • Webserver to provision new certificates to bearers of a valid (but soon to expire) certificate allowing automatic update of certificates via a cronjob

Installation

To create a virtual environment use the following commands

pyvenv-3.4 –system-site-packages venv . bin/venv/activate pip install blitz-ca

to activate the environment in another terminal repeat the activate step as shown below

. bin/venv/activate

as this is an argparse based program, comprehensive help is available by specifying ‘-h’ or ‘–help’ to receive help on a sub command, use ‘-h’ as above after the sub command itself

At this time there is no other documentation avalible but those who have created certificates and CSRs with the openssl command should be fammilar enough with the terminolgy and process to use the program.

Examples

Creating a self signed certificate

blitz-ca cert new www.pocketnix.org

Creating a certificate with a Subject Alternative Name

blitz-ca cert new www.pocketnix.org pocketnix.org

To specify values such as the Email address, locality or country to embed in the cert you can use the form ‘shortname=value’ or ‘longname=value’ and add it on the end. These values are case sensitive and in the case of the long hand versions are camelCase

blitz-ca cert new www.pocketnix.org “locality=The Moon” emailAddress=operations@moonbase.pocketnix.org

Alternatively, to be prompted for the values of most of the commonly used or expected fields add the ‘-p’ flag

blitz-ca cert new -p www.pocketnix.org

The alternate Subject alt names are also supported allowing you to issue a mail signing certificate for multiple email addresses

blitz-ca cert new pocketnix.org emailAddress=myemail@pocketnix.org email:anotheremail@pocketnix.org

What Works

  • Key Generation
  • Cert Generation
  • Request Generation
  • Request Signing
  • Arbitrary x509 extensions
  • Subject alternative names
  • Key usage
  • RSA and DSA keys of arbitrary bit length

What does not Work

  • Tracking of issued certs
  • CRL Generation
  • Auto Enrolment webserver
  • Confirmation before signing a request
  • Elliptic Curve keys

Notes

  • If you do not specify a key then one will be created for you automaticly as

    part of the CSR or certificate generation. if you are having trouble matching a CSR up to a private key at generation time, consider using the ‘-C’ flag to add a comment to both the private key and CSR

  • Signing a request will copy extensions from the request into the certificate however there is currently no way to audit the request before signing and approve extensions

  • Certificates are backdated by 1 hour to help prevent issues with clients/servers with clock drift (if you have 1 hour of clock drift you ahve bigger issues but daylight savigns may cause issues)

Release History

0.1.1 (2014-11-05)

  • Re-release to fix upload

0.1 (2014-11-05)

  • Initial Release
  • Key generation
  • Cert generation
  • Request generation
  • Request signing
Release History

Release History

0.1.1

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
blitz_ca-0.1.1-py2.py3-none-any.whl (16.7 kB) Copy SHA256 Checksum SHA256 3.4 Wheel Nov 5, 2014
blitz-ca-0.1.1.tar.bz2 (12.3 kB) Copy SHA256 Checksum SHA256 Source Nov 5, 2014
blitz-ca-0.1.1.zip (19.0 kB) Copy SHA256 Checksum SHA256 Source Nov 5, 2014

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting