Simple Certificate Authority for MITM proxies

Project description

This package provides a small library, built on top of pyOpenSSL, for creating a custom certificate authority (CA) certificate and generating dynamic host certificates on demand using that CA certificate.

It is most useful with a man-in-the-middle HTTPS proxy, for example for archiving or playing back web content.

Certificates created by using this module should be used with caution.

History

The CertificateAuthority functionality was originally found in the man-in-the-middle proxy pymiproxy by Nadeem Douba.

It was also extended in warcprox by Noah Levitt of Internet Archive.

The CA functionality was also reused in pywb and finally factored out into this separate package for modularity.

Usage Examples

usage: certauth [-h] [-c CERTNAME] [-n HOSTNAME] [-d CERTS_DIR] [-f] [-w]
              root_ca_cert

positional arguments:
  root_ca_cert          Path to existing or new root CA file

optional arguments:
  -h, --help            show this help message and exit
  -c CERTNAME, --certname CERTNAME
                      Name for root certificate
  -n HOSTNAME, --hostname HOSTNAME
                      Hostname certificate to create
  -d CERTS_DIR, --certs-dir CERTS_DIR
                      Directory for host certificates
  -f, --force           Overwrite certificates if they already exist
  -w, --wildcard_cert   add wildcard SAN to host: *.<host>, <host>

To create a new root CA certificate:

certauth myrootca.pem --certname "My Test CA"

To create a host certificate signed with the CA certificate in directory certs_dir:

certauth myrootca.pem --hostname "example.com" -d ./certs_dir

If the root cert doesn’t exist, it’ll be created automatically. If certs_dir doesn’t exist, it’ll also be created automatically.

The cert for example.com will be created as certs_dir/example.com.pem. If it already exists, it will not be overwritten (unless the -f option is used).

The -w option can be used to create a wildcard cert which has Subject Alternative Names (SAN) for example.com and *.example.com.
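The -w case above reproduced with plain openssl, as an added example that is not certauth code or part of the original page: it builds a throwaway root CA and a host certificate with SANs for example.com and *.example.com, then checks the chain, the SAN list and which certificate is allowed to sign. The CA name "Example Test CA", the file names and the 30-day lifetime are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example (not certauth code). CA name and file names are constructed.

make_test_ca_and_host() (   # $1 = work dir, $2 = hostname; runs in a subshell
    umask 077                # private keys must not be group/world readable
    mkdir -p "$1" && cd "$1" || exit 1
    cat > ca.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Test CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    # Self-signed root: the only certificate here allowed to sign others.
    openssl req -x509 -new -newkey rsa:2048 -nodes -sha256 -days 30 \
        -config ca.cnf -keyout ca.key -out ca.pem 2>/dev/null || exit 1
    # Host key and CSR, then a leaf with SANs for <host> and *.<host>.
    openssl req -new -newkey rsa:2048 -nodes -config ca.cnf -subj "/CN=$2" \
        -keyout host.key -out host.csr 2>/dev/null || exit 1
    printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:%s,DNS:*.%s\n' \
        "$2" "$2" > host.ext
    openssl x509 -req -in host.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
        -days 30 -sha256 -extfile host.ext -out host.pem 2>/dev/null
)

# Chain check: does the host certificate verify against this root only?
verify_host_cert() { openssl verify -CAfile "$1/ca.pem" "$1/host.pem" >/dev/null 2>&1; }

# SAN list as one comma-separated string, e.g. DNS:a,DNS:*.a
list_sans() {
    openssl x509 -in "$1" -noout -text |
        grep -A1 'Subject Alternative Name' | tail -n1 | tr -d ' '
}

# True if the certificate carries basicConstraints CA:TRUE.
is_ca() { openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'; }

demo_dir=$(mktemp -d)
make_test_ca_and_host "$demo_dir" example.com &&
    verify_host_cert "$demo_dir" &&
    echo "host cert SANs: $(list_sans "$demo_dir/host.pem")"
rm -rf "$demo_dir"
```

Running the same `list_sans` and `is_ca` checks against a certs_dir/example.com.pem file shows exactly which names a generated certificate covers before the root is added to any trust store.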

Download files

Source Distribution

certauth-1.1.4.tar.gz (5.2 kB)

Uploaded Source

Built Distribution

certauth-1.1.4-py2.py3-none-any.whl (7.2 kB)

Uploaded Python 2 Python 3
