PKI testing tool
Project description
Certomancer
Quickly construct, mock & deploy PKI test configurations using simple declarative configuration. Includes CRL, OCSP and time stamping service provisioning.
Install with python setup.py install. See example.yml for an example config file, and
below for more detailed documentation.
Requires Python 3.7 or later.
Quick start
$ pip install 'certomancer[web-api,pkcs12]'
$ certomancer --config example.yml animate
This will run the Certomancer Animator WSGI app on your local machine, behind a development web
server. Point your browser to http://localhost:9000 and take a look around.
For more information, see the documentation below.
Features
- Certomancer's core APIs are stateless: the same request should always return the same result. This property makes it very useful for automated testing.
- Declarative, YAML-based configuration.
- Minimal input validation, so you can generate deliberately broken certificates if you need to.
requests-mockintegration.- Ultra-lightweight WSGI application: the Certomancer Animator serves CRLs, OCSP responses, timestamps and more. This component requires Werkzeug, and optionally Jinja2 for the index view. Other than a web server and WSGI application server, there are no application dependencies.
- Plugin framework to support arbitrary certificate / CRL extensions and additional services.
These plugins are compatible with the WSGI and
requests-mockintegrations without additional configuration. - Certomancer is composable: since the Certomancer Animator is a bare-bones WSGI application, you can plug it into whatever web application framework you want with minimal overhead. Hence, for particularly complicated scenarios where the plugin API or existing integrations aren't sufficient, it is very easy to use Certomancer as a library, or wrap it as a component of some other WSGI application.
- With pyca/cryptography installed, Certomancer can also output PKCS#12 files if your tests require those.
Non-features
Certomancer is a testing tool for developers that write software to interface with public-key infrastructure. It is NOT intended to be used to manage production PKI deployments. Certomancer is very much garbage-in garbage-out, and happily ignores validation & security best practices in favour of allowing you to abuse your codebase in the worst possible ways. Consider yourself warned.
Documentation
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file certomancer-0.4.0.tar.gz.
File metadata
- Download URL: certomancer-0.4.0.tar.gz
- Upload date:
- Size: 38.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/3.10.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c33736c4fae21f86a3a9d44b1a3c19036e4940e0bace0f6d318f8ea644a5a4d6
|
|
| MD5 |
f42e6f111ca35831c9b33a9a095f9ac6
|
|
| BLAKE2b-256 |
0046e97af06fa23475a9f708d07d401f26aa19676cccebb7620dba3044f3d8de
|
File details
Details for the file certomancer-0.4.0-py3-none-any.whl.
File metadata
- Download URL: certomancer-0.4.0-py3-none-any.whl
- Upload date:
- Size: 41.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/3.10.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dcc3366061ad237da3a21a15afadf5409a6e849ae3cd4d3c1980c1d1b32b1d24
|
|
| MD5 |
b7bdf8a9f64c04f3b132092900e6abe5
|
|
| BLAKE2b-256 |
8b108a26b7f19d1611ec9fa34fb02f24e5b1f8d93cf71a538cbd80cb4ecfa231
|
