It means "key" in polish.
Kluczy provides tools to manage SSL certificates.
If you read french, have a look at this official recommendation
apt-get install python-gpgme python-keyring python-openssl
brew install gpgme
Install your own virtualenv and requirements.
env ARCHFLAGS="-arch x86_64" pip install -r requirements.txt
You can read SSL certificate with QuickLook.
kluczy init
Read the comments and edit the config.ini file
kluczy run
A Certificate Authority is lazily created
Openssl provides tools for testing and debugging SSL. Generate some certificates with the default config.ini
Alice private key :
openssl rsa -in alice.key -check
Alice certificate :
openssl x509 -in alice.crt -text
First, a server :
openssl s_server -cert alice.crt -key alice.key
Then, a client :
openssl s_client -connect localhost:4433 -CAfile CA.crt
Both output are verbose, enjoy. What you write client side display server side.
Alice got a server, and verify clients :
openssl s_server -cert alice.crt -key alice.key -CAfile CA.crt -Verify 1
Bob can connect it, they use the same Certificate Authority :
openssl s_client -connect localhost:4433 -CAfile CA.crt -cert bob.crt -key bob.key
- √ Declarative certificates generation
- √ Sending mail with MIME and GPG
- √ Authenticated SMTP using the keyring
- _ Cascading certificate authority and chaining them
- _ Revocation list
- _ Hook for pushing revocation list
- _ Pin code for private keys
- _ Batch sending certificates with GPG mail
- _ Handling DH param
- _ RSA, DSA or ECDSA private key
- _ PEM or DER output format
- _ Debian package
- _ Web service for requesting SSL certificate authenticated by GPG (the CA server will never see the private key)
Three terms BSD Licence, © Mathieu Lecarme.