Project: django-ca (GitHub Link)

django-ca-master
- nginx
  - default.template
- ca
  - ca
    - wsgi.py
    - urls.py
    - test_settings.py
    - __init__.py
    - settings.py
    - celery.py
  - manage.py
  - django_ca
    - apps.py
    - fields.py
    - managers.py
    - templates
      - admin
        django_ca
        certificate
        change_form.html
        revoke_form.html
        add_form.html
      - django_ca
        admin
        extensions
        authority_information_access.html
        base
        crl_distribution_points_base.html
        unrecognized_extension.html
        base.html
        alternative_name_extension.html
        ordered_set_extension.html
        null_extension.html
        certificate_policies.html
        name_constraints.html
        precertificate_signed_certificate_timestamps.html
        authority_key_identifier.html
        submit_line.html
        unrecognizedextension.html
        forms
        widgets
        labeledcheckboxinput.html
        subjecttextinput.html
        custommultiwidget.html
        labeledtextinput.html
    - templatetags
      - django_ca.py
      - __init__.py
    - querysets.py
    - models.py
    - views.py
    - tasks.py
    - constants.py
    - urls.py
    - profiles.py
    - widgets.py
    - deprecation.py
    - extensions.py
    - forms.py
    - converters.py
    - subject.py
    - __init__.py
    - ocsp.py
    - utils.py
    - migrations
      - 0002_auto_20170304_1434.py
      - 0015_auto_20190518_1050.py
      - 0012_auto_20190405_2345.py
      - 0016_auto_20190706_1548.py
      - 0017_auto_20200112_1657.py
      - 0014_auto_20190518_1046.py
      - 0018_certificate_profile.py
      - 0001_initial.py
      - 0005_auto_20170307_1839.py
      - 0008_auto_20171203_2001.py
      - 0013_certificateauthority_crl_number.py
      - 0011_auto_20181208_1708.py
      - 0004_auto_20170304_1442.py
      - __init__.py
      - 0007_auto_20171119_1100.py
      - 0009_auto_20181128_2050.py
      - 0006_auto_20170505_1251.py
      - 0019_certificate_autogenerated.py
      - 0010_auto_20181128_2054.py
      - 0003_auto_20170304_1434.py
    - tests
      - tests_command_notify.py
      - tests_settings.py
      - tests_docs.py
      - tests_admin.py
      - tests_command_cache_crls.py
      - tests_management_base.py
      - tests_managers.py
      - tests_command_import_ca.py
      - tests_constants.py
      - fixtures
        root-cert.pub
        profile-enduser.csr
        cert-data.json
        alt-extensions.pub
        root-cert.csr
        child-cert.pub.der
        no-extensions.pub
        profile-ocsp.key.der
        ecc.pub.der
        profile-client.key.der
        pwd-cert.pub
        profile-client.key
        ecc-cert.pub.der
        all-extensions.csr
        child-cert.key
        profile-client.csr
        profile-webserver.key.der
        pwd.key.der
        dsa-cert.key
        dsa-cert.key.der
        pwd-cert.key.der
        profile-ocsp.pub
        profile-ocsp.csr
        ecc-cert.csr
        dsa-cert.csr
        no-extensions.key
        all-extensions.key
        all-extensions.pub.der
        child.key
        ecc.key
        profile-ocsp.key
        pwd-cert.key
        ecc.pub
        profile-webserver.key
        root.pub.der
        child-cert.pub
        profile-server.csr
        root.key.der
        dsa.pub
        all-extensions.pub
        ocsp
        nonce.req
        no-nonce.req
        req1
        multiple-serial
        unknown-serial
        pwd.pub
        profile-server.pub.der
        dsa.key.der
        ecc-cert.pub
        dsa-cert.pub.der
        profile-webserver.csr
        all-extensions.key.der
        profile-client.pub.der
        root-cert.key.der
        profile-enduser.pub.der
        root-cert.pub.der
        child.pub
        root.key
        child.key.der
        child.pub.der
        no-extensions.csr
        child-cert.key.der
        profile-enduser.pub
        alt-extensions.key.der
        profile-server.key.der
        root-cert.key
        profile-server.pub
        profile-server.key
        profile-webserver.pub.der
        pwd-cert.csr
        alt-extensions.pub.der
        profile-client.pub
        pwd.pub.der
        no-extensions.key.der
        pwd-cert.pub.der
        ecc-cert.key
        root.pub
        profile-enduser.key
        ecc-cert.key.der
        dsa.key
        profile-enduser.key.der
        no-extensions.pub.der
        alt-extensions.csr
        dsa-cert.pub
        contrib
        godaddy_derstandardat.pem
        multiple_ous_and_no_ext.pem
        cloudflare_1.pem
        letsencrypt_jabber_at.pem
        ecc.key.der
        child-cert.csr
        dsa.pub.der
        profile-webserver.pub
        pwd.key
        profile-ocsp.pub.der
        alt-extensions.key
      - tests_profiles.py
      - tests_deprecation.py
      - tests_command_view_cert.py
      - tests_base.py
      - tests_command_revoke_cert.py
      - tests_command_resign_cert.py
      - tests_command_dump_ocsp_index.py
      - tests_command_init_ca.py
      - tests_views.py
      - tests_command_cert_watchers.py
      - tests_command_sign_cert.py
      - tests_command_list_cas.py
      - tests_tasks.py
      - tests_command_edit_ca.py
      - tests_command_dump_crl.py
      - tests_command_dump_cert.py
      - tests_extensions.py
      - tests_views_ocsp.py
      - __init__.py
      - tests_querysets.py
      - tests_command_dump_ca.py
      - tests_admin_ca.py
      - tests_command_import_cert.py
      - tests_command_list_certs.py
      - tests_command_regenerate_ocsp_keys.py
      - tests_models.py
      - tests_subject.py
      - tests_command_view_ca.py
      - base.py
      - tests_utils.py
    - admin.py
    - ca_settings.py
    - signals.py
    - static
      - django_ca
        admin
        js
        sign.js
        profilewidget.js
        css
        labeledcheckboxinput.css
        certificateadmin.css
        certificateauthorityadmin.css
        base.css
        labeledtextinput.css
    - management
      - commands
        view_ca.py
        dump_cert.py
        cache_crls.py
        cert_watchers.py
        dump_crl.py
        revoke_cert.py
        sign_cert.py
        list_certs.py
        import_ca.py
        resign_cert.py
        dump_ocsp_index.py
        list_cas.py
        __init__.py
        dump_ca.py
        regenerate_ocsp_keys.py
        edit_ca.py
        init_ca.py
        view_cert.py
        notify_expiring_certs.py
        import_cert.py
      - __init__.py
      - base.py
- uwsgi
  - standalone.ini
  - uwsgi.ini
- .python-version
- readthedocs.yml
- LICENSE
- dev.py
- setup.py
- requirements-dev.txt
- .repo-maint.yaml
- setup.cfg
- .travis.yml
- README.md
- .stunnel4-revoked.conf
- .stunnel4.conf
- scripts
  - uwsgi.sh
  - celery.sh
- recreate-fixtures.py
- requirements.txt
- Dockerfile
- .gitignore
- docs
  - Makefile
  - source
    - release.rst
    - install.rst
    - web_interface.rst
    - contribute.rst
    - crl.rst
    - signals.rst
    - cli
      - intro.rst
      - certs.rst
      - cas.rst
    - extensions.rst
    - python
      - intro.rst
      - extensions.rst
      - utils.rst
      - subject.rst
      - profiles.rst
      - models.rst
    - ocsp.rst
    - docker.rst
    - ca_examples.rst
    - profiles.rst
    - settings.rst
    - index.rst
    - conf.py
    - update.rst
    - changelog.rst
    - _files
      - ca
        globalsign_r2_root.pem
        startssl_class2.pem
        digicert_global_root.pem
        comodo_dv.pem
        trustid_server_a52.pem
        startssl_class3.pem
        digicert_ev_root.pem
        startssl_root.pem
        digicert_ha_intermediate.pem
        godaddy_g2_intermediate.pem
        geotrust.pem
        google_g3.pem
        globalsign.pem
        comodo.pem
        rapidssl_g3.pem
        globalsign_dv.pem
        comodo_ev.pem
        dst_root_x3.pem
        digicert_sha2.pem
        letsencrypt_x1.pem
        identrust_root_1.pem
        letsencrypt_x3.pem
        godaddy_g2_root.pem
      - cert
        startssl_class2.pem
        comodo_dv.pem
        trustid_server_a52.pem
        startssl_class3.pem
        digicert_ha_intermediate.pem
        godaddy_g2_intermediate.pem
        google_g3.pem
        rapidssl_g3.pem
        globalsign_dv.pem
        comodo_ev.pem
        digicert_sha2.pem
        letsencrypt_x1.pem
        letsencrypt_x3.pem
      - crl
        gdroot-g2.crl
        trustid_server_a52_ca.crl
        digicert_ha_intermediate.crl
        root-r2.crl
        comodo_ev_user.pem
        DSTROOTCAX3CRL.crl
        gsr2.crl
        gdig2s1-1015.crl
        trustid_server_a52_user.crl
    - _static
      - .gitignore
    - development.rst
    - generated
      - ca_unknown.rst
      - ca_key_usage.rst
      - ca_ian.rst
      - ca_basicconstraints.rst
      - crl_issuer.rst
      - ca_nc.rst
      - crl_crlnumber.rst
      - ca_issuer.rst
      - ca_aki.rst
      - cert_certificatepolicies.rst
      - cert_aia.rst
      - cert_ski.rst
      - cert_nc.rst
      - cert_crldp.rst
      - crl_data.rst
      - crl_aki.rst
      - cert_key_usage.rst
      - cert_basicconstraints.rst
      - cert_sct.rst
      - crl_info.rst
      - cert_unknown.rst
      - crl_idp.rst
      - ca_crldp.rst
      - cert_issuer.rst
      - ca_certificatepolicies.rst
      - cert_eku.rst
      - ca_subject.rst
      - ca_aia.rst
      - cert_ian.rst
      - ca_ski.rst
      - ca_sct.rst
      - ca_eku.rst
      - cert_aki.rst
      - cert_subject.rst
  - make.bat
- .dockerignore
- requirements
  - requirements-lint.txt
  - requirements-redis.txt
  - requirements-postgres.txt
  - requirements-mysql.txt
  - requirements-rtd.txt
  - requirements-test.txt
  - requirements-docker.txt
  - requirements-libs.txt
  - requirements-core.txt
  - requirements-docs.txt
  - requirements-travis.txt
  - requirements-tox.txt
- conf
  - compose
    - 10-docker-compose.yaml
  - 00-docker.yaml
- MANIFEST.in
- docker-compose.yml
- tox.ini

django-ca

django-ca is a small project to manage TLS certificate authorities and easily issue certificates. It is based on cryptography and Django. It can be used as an app in an existing Django project or stand-alone with the basic project included. Certificates can be managed through Djangos admin interface or via manage.py commands - so no webserver is needed, if you’re happy with the command-line.

Documentation is available at https://django-ca.readthedocs.org/.

Features

Set up a secure local certificate authority in just a few minutes.
Written in Python 3.5+, Django 2.2+ and cryptography 2.7+.
Management via command line and/or via Djangos admin interface.
Certificate revocation via CRLs and OCSP.
Get email notifications about certificates about to expire.

Please see https://django-ca.readthedocs.org for more extensive documentation.

Documentation

Documentation is available at https://django-ca.readthedocs.org/.

ChangeLog

Please see https://django-ca.readthedocs.io/en/latest/changelog.html

ToDo

Ideas on what we could do for future releases:

Add parameter to add generic CRL/OCSP URLs to CAs.
Test CRL signing certificates.
Only send out one notification if multiple certificates expire for a user.
Add ability to automatically regenerate CRLs when a certificate is revoked.

License

This project is free software licensed under the GPLv3.