You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Edoardo Putti
ebe1b13e2b
|
8 years ago | |
|---|---|---|
| LICENSE | 8 years ago | |
| README.md | 8 years ago | |
| ca_manager.py | 8 years ago | |
| ca_shell.py | 8 years ago | |
| certificate_requests.py | 8 years ago | |
| make_get_request.py | 8 years ago | |
| make_ssh_host_request.py | 8 years ago | |
| make_ssh_user_request.py | 8 years ago | |
| make_ssl_host_request.py | 8 years ago | |
| paths.py | 8 years ago | |
| request_server.py | 8 years ago | |
README.md
CA manager
This collection of tools is our take on managing a CA, signing SSH keys and certificates, signin SSL certificates.
Tools
request_server.py
This is a shell for a user, the shell only reads the input from the user and return a JSON, this user can be used with Ansible to request and retrive certificates.
The input must be a JSON file, e.g
{
{
"keyType": "ssh_host",
"hostName": "my_new_server",
"keyData": "ssh-ed25519 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa root@my_new_server"
},
"type": "sign_request"
}
the example is a sign_request for a ssh host certificate.
The shell just output a json with status and reason keys.
{
"reason" : ...,
"status" : ...
}
The server logs can be found at /home/request/request_server.log
ca_sheel.py
This is a shell for a user, the shell limits the commands to the one we are interested, like generating a SSH/SSL CA, signing keys.
# LILiK CA Manager
Welcome to the certification authority shell.
Type help or ? to list commands.
(CA Manager)> ?
Documented commands (type help <topic>):
========================================
describe_cas gen_ca help ls_ca ls_requests quit sign_request
Configuration
The only configuration needed is the path where to operate, modifying te file paths.py is all is needed.