upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-03-27 12:53:05 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
certbot/server-ca
History
Seth Schoen 6d64bab45e wow, but M2Crypto is annoying! - make a BIO for the public key 
It turns out that M2Crypto.RSA.load_key_string() requires a keypair,
not a public key.  There is no M2Crypto.RSA.load_pub_key_string(),
only M2Crypto.RSA.load_pub_key_bio(), which requires an OpenSSL BIO
object.
2012-07-12 14:48:32 -07:00
..
demoCA changes to make CSR.issue() successfully issue certs 2012-07-09 00:01:19 -07:00
sni_challenge Added a fetch OID TODO 2012-07-11 15:10:44 -04:00
CA.sh changes to make CSR.issue() successfully issue certs 2012-07-09 00:01:19 -07:00
chocolate.py wow, but M2Crypto is annoying! - make a BIO for the public key 2012-07-12 14:48:32 -07:00
chocolate_protocol.proto remove disused debug flag in protocol 2012-07-09 22:33:02 -07:00
CSR.py use M2Crypto for getting public key length 2012-07-12 14:55:00 -04:00
daemon.py make daemon exit cleanly after interrupt signals 2012-07-12 14:30:56 -07:00
Makefile also deploy demoCA to server 2012-07-10 18:34:23 -07:00
pkcs10.py moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
README moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
REDIS moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00

README 

In this directory is a reference CA implementation of the Chocolate protocol,
DV and signing mechanism.

Set CHOCOLATESERVER environment variable for "make deploy"!


chocolate.py - server-side, requires web.py (python-webpy),
        PyCrypto (python-crypto) 2.3 (not 2.1!!), redis, python-redis,
        python-protobuf, python-nss
	probably wants to run under a web server like lighttpd with fastcgi


chocolate_protocol.proto - protocol definition; needs protobuf-compiler

sni_challenge -
	Assumes Apache server with name based virtual hosts is running 
	(for intended address).
	Call perform_sni_cert_challenge(address, r, nonce) to do the whole 
	challenge.
	Example code is given in main method
	Right now requires full path specification of CSR/KEY in the Global 
	Variables (how should this be specified?)