A simple public key infrastructure to allow issuing and automatic renewal of X509 certificates
Project description
# IoT_pki
Public Key Infrastructure for IoT devices built in python django
# Functionality
API interface allows clients to:
* Request new X509 certificates (subject to approval)
* Download new X509 certificates once approved
* Renew existing valid X509 certificates
Admin interface allows administrators to:
* Create self signed Certificate Authority to sign certificate requests
* View and approve X509 certificate requests
* View and revoke existing X509 certificates
# Documentation
https://docs.zibawa.com/doku.php?id=pki:start
# Quick start
Below are instructions for installing IoT_pki to an EXISTING django project.
Alternatively you can install as a stand alone django project as explained in https://docs.zibawa.com
-----------
1. Add "IoT_pki" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [
...
'IoT_pki',
'rest_framework',
]
2. Include the IoT_pki URLconf in your project urls.py like this::
(see docs.zibawa.com),
```
#below required for IoT_pki
from rest_framework import routers
from rest_framework.documentation import include_docs_urls
from IoT_pki import views
router = routers.DefaultRouter()
# add below to your url patterns block
urlpatterns = [
#you already have some url patterns defined so add below..
....
#below are IoT_pki
url(r'^IoT_pki/', include('IoT_pki.urls',namespace='IoT_pki')),
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^docs/', include_docs_urls(title='zibawa_PKI'))
]
```
3. Run `python manage.py migrate` to create the models.
4. Add the following to your project settings.py
```
#used to create and renew X509 certificates. The certificate and key used at below location will be used to sign
#all certificates generated by PKI
PKI={'host':'secret.myserver.com','port':443,
'use_ssl':True,#should always be True except for testing
'verify_certs':False,#verify identity of server should be True except for testing
'path_to_ca_cert':'/home/jmm/myCA/certs/100.pem',
'path_to_ca_key':'/home/jmm/myCA/private/100.key',
'path_to_certstore':'/home/jmm/myCA/certs/',#requires trailing slash, place to keep CA certs
'path_to_keystore':'/home/jmm/myCA/private/',#requires trailing slash. place to keep ca keys should be permission 400
'auto_approve_requests':True,#should be FALSE (true will automatically approve all requests)
}
CERT_DEFAULTS={'country_name':"ES",#obligatory must be 2 letter country code
'state_or_province_name':"Barcelona",
'valid_days':365,#validity of certificates generated must be integer not string
'min_days_remaining_for_renewal':400
}
#used as part of PKI
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAdminUser',
],
'PAGE_SIZE': 10
}
```
5. Start the development server and visit http://127.0.0.1:8000/admin/
to administer your certificates (you'll need a superuser and the Admin app enabled).
6. Visit http://docs.zibawa.com for full information.
Public Key Infrastructure for IoT devices built in python django
# Functionality
API interface allows clients to:
* Request new X509 certificates (subject to approval)
* Download new X509 certificates once approved
* Renew existing valid X509 certificates
Admin interface allows administrators to:
* Create self signed Certificate Authority to sign certificate requests
* View and approve X509 certificate requests
* View and revoke existing X509 certificates
# Documentation
https://docs.zibawa.com/doku.php?id=pki:start
# Quick start
Below are instructions for installing IoT_pki to an EXISTING django project.
Alternatively you can install as a stand alone django project as explained in https://docs.zibawa.com
-----------
1. Add "IoT_pki" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [
...
'IoT_pki',
'rest_framework',
]
2. Include the IoT_pki URLconf in your project urls.py like this::
(see docs.zibawa.com),
```
#below required for IoT_pki
from rest_framework import routers
from rest_framework.documentation import include_docs_urls
from IoT_pki import views
router = routers.DefaultRouter()
# add below to your url patterns block
urlpatterns = [
#you already have some url patterns defined so add below..
....
#below are IoT_pki
url(r'^IoT_pki/', include('IoT_pki.urls',namespace='IoT_pki')),
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^docs/', include_docs_urls(title='zibawa_PKI'))
]
```
3. Run `python manage.py migrate` to create the models.
4. Add the following to your project settings.py
```
#used to create and renew X509 certificates. The certificate and key used at below location will be used to sign
#all certificates generated by PKI
PKI={'host':'secret.myserver.com','port':443,
'use_ssl':True,#should always be True except for testing
'verify_certs':False,#verify identity of server should be True except for testing
'path_to_ca_cert':'/home/jmm/myCA/certs/100.pem',
'path_to_ca_key':'/home/jmm/myCA/private/100.key',
'path_to_certstore':'/home/jmm/myCA/certs/',#requires trailing slash, place to keep CA certs
'path_to_keystore':'/home/jmm/myCA/private/',#requires trailing slash. place to keep ca keys should be permission 400
'auto_approve_requests':True,#should be FALSE (true will automatically approve all requests)
}
CERT_DEFAULTS={'country_name':"ES",#obligatory must be 2 letter country code
'state_or_province_name':"Barcelona",
'valid_days':365,#validity of certificates generated must be integer not string
'min_days_remaining_for_renewal':400
}
#used as part of PKI
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAdminUser',
],
'PAGE_SIZE': 10
}
```
5. Start the development server and visit http://127.0.0.1:8000/admin/
to administer your certificates (you'll need a superuser and the Admin app enabled).
6. Visit http://docs.zibawa.com for full information.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
django_IoT_pki-1.2.tar.gz
(28.3 kB
view hashes)
