django-x509: a reusable django app for PKI management

23rd September 2016 in Coding Tags: cryptography, django, open-source, openwisp, python

Latelly I came across the need of a django app to manage a PKI (Public Key Infrastructure), with particular attention for managing Certification Authorities and x509 Certificates via the django admin.

I needed this feature in order to implement automatic management of VPN client certificates for OpenWISP 2 (which is based on python and django).

At first I've looked at existing solutions, but I didn't find an app that was simple to integrate in a large project, that would let users manage CAs via the django-admin and that was compatible with django 1.10.

For the previous reasons I wrote django-x509, which implements a basic features of a Public Key Infrastructure.

The main features of django-x509 are:
  • create, edit and delete Certification Authorities
  • import existing Certification Authorities
  • create, edit and delete end entity x509 certificates
  • import existing end entity x509 certificates
  • revocation of end entity certificate
  • CRL view for each Certification Authority (which can be public or protected)
  • possibility to specify x509 extensions on each certificate

All these features of django-x509 can be used via the django-admin.

The app is intentionally simple, it implements only the most basic features needed to easily generate Certification Authorities and x509 certificates, but I hope it will improve over time and be helpful to other projects or organizations that share a similar need.

Retweet

Comments

Leave your comment

Categories

Let's be social

Popular posts

Latest Comments

  1. Hi Ronak, for any question regarding OpenWISP, use one of the support channels: http://openwisp.org/support.html

    By Federico Capoano in netjsonconfig: convert NetJSON to OpenWRT UCI

  2. Hi, I have installed openwisp controller using ansible playbook. Now, i am adding the configurations automatically using OPENWRT devices in openwisp file by specifying shared_key so can you suggest me if I want to set limit to add configuration how can i do it?

    By Ronak in netjsonconfig: convert NetJSON to OpenWRT UCI

  3. Hi Julio! I missed your comment a few years ago but I'm glad you are working with OpenWISP, I'll try to reach you in private :-)

    By Federico Capoano in A Turning Point in my Life, Community Networks and OpenWISP

  4. Great news Aymará! Very happy to know this post has inspired you to experiment :-)

    By Federico Capoano in First DjangoGirls Rome wrap-up & afterthoughts

  5. Hi!! I'm a Django Girls coach too. Here, in Argentina, made just what you suggested, splited the workshop in two days. The experiment went just great! Most of the girls achieved to publish the blog from ground 0. It feels great to be helpfull ...

    By Aymará in First DjangoGirls Rome wrap-up & afterthoughts

Popular Tags

battlemesh censorship creativity criptography django event fosdem google-summer-of-code ibiza inspiration javascript jquery linux nemesisdesign netjson ninux nodeshot open-source openwisp openwrt performance photo programming python security staticgenerator talk upload wifi wireless-community