Skip to content

jclegras/tinyca

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

TinyCA

Tinyca is a very simple CA accessible via an API.

It is intended for use with programmatic ways or even tools as curl.

The application listens on the 8080 port. Two endpoints are available with the POST verb :

  • /sign
  • /signCSR

The first time you request a certificate, a key/certificate couple for a self-signed certificate will be created (your CA).

All leaf certificates requested will be then authentified by this CA.

Installation

First, install the Go tools and set up your $GOPATH. Then, run:

go get github.com/jclegras/tinyca

When using Go 1.11 or newer you don't need a $GOPATH and can instead do the following:

cd /ANY/PATH
git clone https://github.com/jclegras/tinyca.git
go build
## or
# go install

You could run a container from the source code with these commands :

docker build . -t tinyca
docker-compose up -d

Configuration

The application is configurable with environment variables :

  • CAROOT : change the directory which holds the couple key/cert for the CA (default : ~/.local/share/tinyca) ;
  • KEYNAME : change the CA key name with the given value (default : CAKey.pem) ;
  • CRTNAME : Change the CA certificate name with the given value (default : CACrt.pem)
  • PORT : change the listening port (default : 8080)

Examples

Get a key/certificate couple from your JSON request :

curl -X POST -H "Content-Type: application/json" -d @example/data.json "localhost:8080/sign"

Get a certificate from you base64-encoded CSR :

curl -X POST -d @example/csr.pem.base64 "localhost:8080/signCSR"

Reference

About

Very simple CA with API

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published