django-x509
===========
.. image:: https://github.com/openwisp/django-x509/workflows/Django-x509%20Build/badge.svg?branch=master
:target: https://github.com/openwisp/django-x509/actions?query=workflow%3A"Django-x509+Build%22"
:alt: CI build status
.. image:: https://coveralls.io/repos/openwisp/django-x509/badge.svg
:target: https://coveralls.io/r/openwisp/django-x509
:alt: Test Coverage
.. image:: https://img.shields.io/librariesio/release/github/openwisp/django-x509
:target: https://libraries.io/github/openwisp/django-x509#repository_dependencies
:alt: Dependency monitoring
.. image:: https://img.shields.io/gitter/room/nwjs/nw.js.svg
:target: https://gitter.im/openwisp/general
:alt: chat
.. image:: https://badge.fury.io/py/django-x509.svg
:target: http://badge.fury.io/py/django-x509
:alt: Pypi Version
.. image:: https://pepy.tech/badge/django-x509
:target: https://pepy.tech/project/django-x509
:alt: downloads
.. image:: https://img.shields.io/badge/code%20style-black-000000.svg
:target: https://pypi.org/project/black/
:alt: code style: black
----
.. image:: https://github.com/openwisp/django-x509/raw/master/docs/demo_x509.gif
:alt: demo
----
Simple reusable django app implementing x509 PKI certificates management.
**Want to help OpenWISP?** `Find out how to help us grow here
<http://openwisp.io/docs/general/help-us.html>`_.
.. image:: https://raw.githubusercontent.com/openwisp/openwisp2-docs/master/assets/design/openwisp-logo-black.svg
:target: http://openwisp.org
----
.. contents:: **Table of Contents**:
:backlinks: none
:depth: 3
----
Current features
----------------
- CA generation
- Import existing CAs
- End entity certificate generation
- Import existing certificates
- Certificate revocation
- CRL view (public or protected)
- Possibility to specify x509 extensions on each certificate
- Random serial numbers based on uuid4 integers (see `why is this a good
idea
<https://crypto.stackexchange.com/questions/257/unpredictability-of-x-509-serial-numbers>`_)
- Possibility to generate and import passphrase protected x509
certificates/CAs
- Passphrase protected x509 content will be shown encrypted in the web UI
Project goals
-------------
- provide a simple and reusable x509 PKI management django app
- provide abstract models that can be imported and extended in larger
django projects
Dependencies
------------
- Python >= 3.8
- OpenSSL
Install stable version from pypi
--------------------------------
Install from pypi:
.. code-block:: shell
pip install django-x509
Install development version
---------------------------
Install tarball:
.. code-block:: shell
pip install https://github.com/openwisp/django-x509/tarball/master
Alternatively you can install via pip using git:
.. code-block:: shell
pip install -e git+git://github.com/openwisp/django-x509#egg=django-x509
If you want to contribute, install your cloned fork:
.. code-block:: shell
git clone git@github.com:<your_fork>/django-x509.git
cd django-x509
python setup.py develop
Setup (integrate in an existing django project)
-----------------------------------------------
Add ``django_x509`` to ``INSTALLED_APPS``:
.. code-block:: python
INSTALLED_APPS = [
# other apps
"django_x509",
]
Add the URLs to your main ``urls.py``:
.. code-block:: python
from django.contrib import admin
urlpatterns = [
# ... other urls in your project ...
url(r"admin/", admin.site.urls),
]
Then run:
.. code-block:: shell
./manage.py migrate
Installing for development
--------------------------
Install sqlite:
.. code-block:: shell
sudo apt-get install sqlite3 libsqlite3-dev
Install your forked repo:
.. code-block:: shell
git clone git://github.com/<your_fork>/django-x509
cd django-x509/
python setup.py develop
Install test requirements:
.. code-block:: shell
pip install -r requirements-test.txt
Create database:
.. code-block:: shell
cd tests/
./manage.py migrate
./manage.py createsuperuser
Launch development server:
.. code-block:: shell
./manage.py runserver
You can access the admin interface at http://127.0.0.1:8000/admin/.
Run tests with:
.. code-block:: shell
./runtests.py
Install and run on docker
-------------------------
Build from docker file:
.. code-block:: shell
sudo docker build -t openwisp/djangox509 .
Run the docker container:
.. code-block:: shell
sudo docker run -it -p 8000:8000 openwisp/djangox509
Settings
--------
``DJANGO_X509_DEFAULT_CERT_VALIDITY``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ =======
**type**: ``int``
**default**: ``365``
============ =======
Default validity period (in days) when creating new x509 certificates.
``DJANGO_X509_DEFAULT_CA_VALIDITY``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ========
**type**: ``int``
**default**: ``3650``
============ ========
Default validity period (in days) when creating new Certification
Authorities.
``DJANGO_X509_DEFAULT_KEY_LENGTH``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ========
**type**: ``int``
**default**: ``2048``
============ ========
Default key length for new CAs and new certificates.
Must be one of the following values:
- ``512``
- ``1024``
- ``2048``
- ``4096``
``DJANGO_X509_DEFAULT_DIGEST_ALGORITHM``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ==========
**type**: ``str``
**default**: ``sha256``
============ ==========
Default digest algorithm for new CAs and new certificates.
Must be one of the following values:
- ``sha1``
- ``sha224``
- ``sha256``
- ``sha384``
- ``sha512``
``DJANGO_X509_CA_BASIC_CONSTRAINTS_CRITICAL``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ========
**type**: ``bool``
**default**: ``True``
============ ========
Whether the ``basicConstraint`` x509 extension must be flagged as critical
when creating new CAs.
``DJANGO_X509_CA_BASIC_CONSTRAINTS_PATHLEN``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ===================
**type**: ``int`` or ``None``
**default**: ``0``
============ ===================
Value of the ``pathLenConstraint`` of ``basicConstraint`` x509 extension
used when creating new CAs.
When this value is a positive ``int`` it represents the maximum number of
non-self-issued intermediate certificates that may follow the generated
certificate in a valid certification path.
Set this value to ``None`` to avoid imposing any limit.
``DJANGO_X509_CA_KEYUSAGE_CRITICAL``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ========
**type**: ``bool``
**default**: ``True``
============ ========
Whether the ``keyUsage`` x509 extension should be flagged as "critical"
for new CAs.
``DJANGO_X509_CA_KEYUSAGE_VALUE``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ ========================
**type**: ``str``
**default**: ``cRLSign, keyCertSign``
============ ========================
Value of the ``keyUsage`` x509 extension for new CAs.
``DJANGO_X509_CERT_KEYUSAGE_CRITICAL``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ =========
**type**: ``bool``
**default**: ``False``
============ =========
Whether the ``keyUsage`` x509 extension should be flagged as "critical"
for new end-entity certificates.
``DJANGO_X509_CERT_KEYUSAGE_VALUE``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ =====================================
**type**: ``str``
**default**: ``digitalSignature, keyEncipherment``
============ =====================================
Value of the ``keyUsage`` x509 extension for new end-entity certificates.
``DJANGO_X509_CRL_PROTECTED``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
============ =========
**type**: ``bool``
**default**: ``False``
============ =========
Whether the view for downloading Certificate Revocation Lists should be
protected with authentication or not.
Extending django-x509
---------------------
One of the core values of the OpenWISP project is `Software Reusability
<http://openwisp.io/docs/general/values.html#software-reusability-means-long-term-sustainability>`_,
for this reason *django-x509* provides a set of base classes which can be
imported, extended and reused to create derivative apps.
In order to implement your custom version of *django-x509*, you need to
perform the steps described in this section.
When in doubt, the code in the `test project
<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/>`_
and the `sample app
<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/>`_
will serve you as source of truth: just replicate and adapt that code to
get a basic derivative of *django-x509* working.
**Premise**: if you plan on using a customized version of this module, we
suggest to start with it since the beginning, because migrating your data
from the default module to your extended version may be time consuming.
1. Initialize your custom module
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The first thing you need to do is to create a new django app which will
contain your custom version of *django-x509*.
A django app is nothing more than a `python package
<https://docs.python.org/3/tutorial/modules.html#packages>`_ (a directory
of python scripts), in the following examples we'll call this django app
``myx509``, but you can name it how you want:
::
django-admin startapp myx509
Keep in mind that the command mentioned above must be called from a
directory which is available in your `PYTHON_PATH
<https://docs.python.org/3/using/cmdline.html#envvar-PYTHONPATH>`_ so that
you can then import the result into your project.
Now you need to add ``myx509`` to ``INSTALLED_APPS`` in your
``settings.py``, ensuring also that ``django_x509`` has been removed:
.. code-block:: python
INSTALLED_APPS = [
# ... other apps ...
# 'django_x509' <-- comment out or delete this line
"myx509"
]
For more information about how to work with django projects and django
apps, please refer to the `django documentation
<https://docs.djangoproject.com/en/dev/intro/tutorial01/>`_.
2. Install ``django-x509`` & ``openwisp-utils``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Install (and add to the requirement of your project):
::
pip install django-x509 openwisp-utils
3. Add ``EXTENDED_APPS``
~~~~~~~~~~~~~~~~~~~~~~~~
Add the following to your ``settings.py``:
.. code-block:: python
EXTENDED_APPS = ["django_x509"]
4. Add ``openwisp_utils.staticfiles.DependencyFinder``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add ``openwisp_utils.staticfiles.DependencyFinder`` to
``STATICFILES_FINDERS`` in your ``settings.py``:
.. code-block:: python
STATICFILES_FINDERS = [
"django.contrib.staticfiles.finders.FileSystemFinder",
"django.contrib.staticfiles.finders.AppDirectoriesFinder",
"openwisp_utils.staticfiles.DependencyFinder",
]
5. Add ``openwisp_utils.loaders.DependencyLoader``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add ``openwisp_utils.loaders.DependencyLoader`` to ``TEMPLATES`` in your
``settings.py``:
.. code-block:: python
TEMPLATES = [
{
"BACKEND": "django.template.backends.django.DjangoTemplates",
"OPTIONS": {
"loaders": [
"django.template.loaders.filesystem.Loader",
"django.template.loaders.app_directories.Loader",
"openwisp_utils.loaders.DependencyLoader",
],
"context_processors": [
"django.template.context_processors.debug",
"django.template.context_processors.request",
"django.contrib.auth.context_processors.auth",
"django.contrib.messages.context_processors.messages",
],
},
}
]
6. Inherit the AppConfig class
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please refer to the following files in the sample app of the test project:
- `sample_x509/__init__.py
<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/__init__.py>`_.
- `sample_x509/apps.py
<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/apps.py>`_.
You have to replicate and adapt that code in your project.
For more information regarding the concept of ``AppConfig`` please refer
to the `"Applications" section in the django documentation
<https://docs.djangoproject.com/en/dev/ref/applications/>`_.
7. Create your custom models
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Here we provide an example of how to extend the base models of
*django-x509*. We added a simple "details" field to the models for
demostration of modification:
.. code-block:: python
from django.db import models
from django_x509.base.models import AbstractCa, AbstractCert
class DetailsModel(models.Model):
details = models.CharField(max_length=64, blank=True, null=True)
class Meta:
abstract = True
class Ca(DetailsModel, AbstractCa):
"""
Concrete Ca model
"""
class Meta(AbstractCa.Meta):
abstract = False
class Cert(DetailsModel, AbstractCert):
"""
Concrete Cert model
"""
class Meta(AbstractCert.Meta):
abstract = False
You can add fields in a similar way in your ``models.py`` file.
**Note**: for doubts regarding how to use, extend or develop models please
refer to the `"Models" section in the django documentation
<https://docs.djangoproject.com/en/dev/topics/db/models/>`_.
8. Add swapper configurations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Once you have created the models, add the following to your
``settings.py``:
.. code-block:: python
# Setting models for swapper module
DJANGO_X509_CA_MODEL = "myx509.Ca"
DJANGO_X509_CERT_MODEL = "myx509.Cert"
Substitute ``myx509`` with the name you chose in step 1.
9. Create database migrations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Create and apply database migrations:
::
./manage.py makemigrations
./manage.py migrate
For more information, refer to the `"Migrations" section in the django
documentation
<https://docs.djangoproject.com/en/dev/topics/migrations/>`_.
10. Create the admin
~~~~~~~~~~~~~~~~~~~~
Refer to the `admin.py file of the sample app
<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/admin.py>`_.
To introduce changes to the admin, you can do it in two main ways which
are described below.
**Note**: for more information regarding how the django admin works, or
how it can be customized, please refer to `"The django admin site" section
in the django documentation
<https://docs.djangoproject.com/en/dev/ref/contrib/admin/>`_.
1. Monkey patching
++++++++++++++++++
If the changes you need to add are relatively small, you can resort to
monkey patching.
For example:
.. code-block:: python
from django_x509.admin import CaAdmin, CertAdmin
CaAdmin.list_display.insert(
1, "my_custom_field"
) # <-- your custom change example
CertAdmin.list_display.insert(
1, "my_custom_field"
) # <-- your custom change example
2. Inheriting admin classes
+++++++++++++++++++++++++++
If you need to introduce significant changes and/or you don't want to
resort to monkey patching, you can proceed as follows:
.. code-block:: python
from django.contrib import admin
from swapper import load_model
from django_x509.base.admin import AbstractCaAdmin, AbstractCertAdmin
Ca = load_model("django_x509", "Ca")
Cert = load_model("django_x509", "Cert")
class CertAdmin(AbstractCertAdmin):
pass
# add your changes here
class CaAdmin(AbstractCaAdmin):
pass
# add your changes here
admin.site.register(Ca, CaAdmin)
admin.site.register(Cert, CertAdmin)
11. Create root URL configuration
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please refer to the `urls.py
<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/urls.py>`_
file in the test project.
For more information about URL configuration in django, please refer to
the `"URL dispatcher" section in the django documentation
<https://docs.djangoproject.com/en/dev/topics/http/urls/>`_.
12. Import the automated tests
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When developing a custom application based on this module, it's a good
idea to import and run the base tests too, so that you can be sure the
changes you're introducing are not breaking some of the existing features
of *django-x509*.
In case you need to add breaking changes, you can overwrite the tests
defined in the base classes to test your own behavior.
.. code-block:: python
from django.test import TestCase
from django_x509.tests.base import TestX509Mixin
from django_x509.tests.test_admin import (
ModelAdminTests as BaseModelAdminTests,
)
from django_x509.tests.test_ca import TestCa as BaseTestCa
from django_x509.tests.test_cert import TestCert as BaseTestCert
class ModelAdminTests(BaseModelAdminTests):
app_label = "myx509"
class TestCert(BaseTestCert):
pass
class TestCa(BaseTestCa):
pass
del BaseModelAdminTests
del BaseTestCa
del BaseTestCert
Now, you can then run tests with:
::
# the --parallel flag is optional
./manage.py test --parallel myx509
Substitute ``myx509`` with the name you chose in step 1.
For more information about automated tests in django, please refer to
`"Testing in Django"
<https://docs.djangoproject.com/en/dev/topics/testing/>`_.
Contributing
------------
Please refer to the `OpenWISP contributing guidelines
<http://openwisp.io/docs/developer/contributing.html>`_.
Support
-------
See `OpenWISP Support Channels <http://openwisp.org/support.html>`_.
Changelog
---------
See `CHANGES
<https://github.com/openwisp/django-x509/blob/master/CHANGES.rst>`_.
License
-------
See `LICENSE
<https://github.com/openwisp/django-x509/blob/master/LICENSE>`_.
Raw data
{
"_id": null,
"home_page": "https://github.com/openwisp/django-x509",
"name": "django-x509",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "django, x509, pki, PEM, openwisp",
"author": "Federico Capoano",
"author_email": "f.capoano@cineca.it",
"download_url": "https://files.pythonhosted.org/packages/92/e6/5c14b6725ea2bbe0a3befaad96297f619f3d528ec417a3c1a3e211f3cd13/django_x509-1.2.tar.gz",
"platform": "Platform Indipendent",
"description": "django-x509\n===========\n\n.. image:: https://github.com/openwisp/django-x509/workflows/Django-x509%20Build/badge.svg?branch=master\n :target: https://github.com/openwisp/django-x509/actions?query=workflow%3A\"Django-x509+Build%22\"\n :alt: CI build status\n\n.. image:: https://coveralls.io/repos/openwisp/django-x509/badge.svg\n :target: https://coveralls.io/r/openwisp/django-x509\n :alt: Test Coverage\n\n.. image:: https://img.shields.io/librariesio/release/github/openwisp/django-x509\n :target: https://libraries.io/github/openwisp/django-x509#repository_dependencies\n :alt: Dependency monitoring\n\n.. image:: https://img.shields.io/gitter/room/nwjs/nw.js.svg\n :target: https://gitter.im/openwisp/general\n :alt: chat\n\n.. image:: https://badge.fury.io/py/django-x509.svg\n :target: http://badge.fury.io/py/django-x509\n :alt: Pypi Version\n\n.. image:: https://pepy.tech/badge/django-x509\n :target: https://pepy.tech/project/django-x509\n :alt: downloads\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://pypi.org/project/black/\n :alt: code style: black\n\n----\n\n.. image:: https://github.com/openwisp/django-x509/raw/master/docs/demo_x509.gif\n :alt: demo\n\n----\n\nSimple reusable django app implementing x509 PKI certificates management.\n\n**Want to help OpenWISP?** `Find out how to help us grow here\n<http://openwisp.io/docs/general/help-us.html>`_.\n\n.. image:: https://raw.githubusercontent.com/openwisp/openwisp2-docs/master/assets/design/openwisp-logo-black.svg\n :target: http://openwisp.org\n\n----\n\n.. contents:: **Table of Contents**:\n :backlinks: none\n :depth: 3\n\n----\n\nCurrent features\n----------------\n\n- CA generation\n- Import existing CAs\n- End entity certificate generation\n- Import existing certificates\n- Certificate revocation\n- CRL view (public or protected)\n- Possibility to specify x509 extensions on each certificate\n- Random serial numbers based on uuid4 integers (see `why is this a good\n idea\n <https://crypto.stackexchange.com/questions/257/unpredictability-of-x-509-serial-numbers>`_)\n- Possibility to generate and import passphrase protected x509\n certificates/CAs\n- Passphrase protected x509 content will be shown encrypted in the web UI\n\nProject goals\n-------------\n\n- provide a simple and reusable x509 PKI management django app\n- provide abstract models that can be imported and extended in larger\n django projects\n\nDependencies\n------------\n\n- Python >= 3.8\n- OpenSSL\n\nInstall stable version from pypi\n--------------------------------\n\nInstall from pypi:\n\n.. code-block:: shell\n\n pip install django-x509\n\nInstall development version\n---------------------------\n\nInstall tarball:\n\n.. code-block:: shell\n\n pip install https://github.com/openwisp/django-x509/tarball/master\n\nAlternatively you can install via pip using git:\n\n.. code-block:: shell\n\n pip install -e git+git://github.com/openwisp/django-x509#egg=django-x509\n\nIf you want to contribute, install your cloned fork:\n\n.. code-block:: shell\n\n git clone git@github.com:<your_fork>/django-x509.git\n cd django-x509\n python setup.py develop\n\nSetup (integrate in an existing django project)\n-----------------------------------------------\n\nAdd ``django_x509`` to ``INSTALLED_APPS``:\n\n.. code-block:: python\n\n INSTALLED_APPS = [\n # other apps\n \"django_x509\",\n ]\n\nAdd the URLs to your main ``urls.py``:\n\n.. code-block:: python\n\n from django.contrib import admin\n\n urlpatterns = [\n # ... other urls in your project ...\n url(r\"admin/\", admin.site.urls),\n ]\n\nThen run:\n\n.. code-block:: shell\n\n ./manage.py migrate\n\nInstalling for development\n--------------------------\n\nInstall sqlite:\n\n.. code-block:: shell\n\n sudo apt-get install sqlite3 libsqlite3-dev\n\nInstall your forked repo:\n\n.. code-block:: shell\n\n git clone git://github.com/<your_fork>/django-x509\n cd django-x509/\n python setup.py develop\n\nInstall test requirements:\n\n.. code-block:: shell\n\n pip install -r requirements-test.txt\n\nCreate database:\n\n.. code-block:: shell\n\n cd tests/\n ./manage.py migrate\n ./manage.py createsuperuser\n\nLaunch development server:\n\n.. code-block:: shell\n\n ./manage.py runserver\n\nYou can access the admin interface at http://127.0.0.1:8000/admin/.\n\nRun tests with:\n\n.. code-block:: shell\n\n ./runtests.py\n\nInstall and run on docker\n-------------------------\n\nBuild from docker file:\n\n.. code-block:: shell\n\n sudo docker build -t openwisp/djangox509 .\n\nRun the docker container:\n\n.. code-block:: shell\n\n sudo docker run -it -p 8000:8000 openwisp/djangox509\n\nSettings\n--------\n\n``DJANGO_X509_DEFAULT_CERT_VALIDITY``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ =======\n**type**: ``int``\n**default**: ``365``\n============ =======\n\nDefault validity period (in days) when creating new x509 certificates.\n\n``DJANGO_X509_DEFAULT_CA_VALIDITY``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ========\n**type**: ``int``\n**default**: ``3650``\n============ ========\n\nDefault validity period (in days) when creating new Certification\nAuthorities.\n\n``DJANGO_X509_DEFAULT_KEY_LENGTH``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ========\n**type**: ``int``\n**default**: ``2048``\n============ ========\n\nDefault key length for new CAs and new certificates.\n\nMust be one of the following values:\n\n- ``512``\n- ``1024``\n- ``2048``\n- ``4096``\n\n``DJANGO_X509_DEFAULT_DIGEST_ALGORITHM``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ==========\n**type**: ``str``\n**default**: ``sha256``\n============ ==========\n\nDefault digest algorithm for new CAs and new certificates.\n\nMust be one of the following values:\n\n- ``sha1``\n- ``sha224``\n- ``sha256``\n- ``sha384``\n- ``sha512``\n\n``DJANGO_X509_CA_BASIC_CONSTRAINTS_CRITICAL``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ========\n**type**: ``bool``\n**default**: ``True``\n============ ========\n\nWhether the ``basicConstraint`` x509 extension must be flagged as critical\nwhen creating new CAs.\n\n``DJANGO_X509_CA_BASIC_CONSTRAINTS_PATHLEN``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ===================\n**type**: ``int`` or ``None``\n**default**: ``0``\n============ ===================\n\nValue of the ``pathLenConstraint`` of ``basicConstraint`` x509 extension\nused when creating new CAs.\n\nWhen this value is a positive ``int`` it represents the maximum number of\nnon-self-issued intermediate certificates that may follow the generated\ncertificate in a valid certification path.\n\nSet this value to ``None`` to avoid imposing any limit.\n\n``DJANGO_X509_CA_KEYUSAGE_CRITICAL``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ========\n**type**: ``bool``\n**default**: ``True``\n============ ========\n\nWhether the ``keyUsage`` x509 extension should be flagged as \"critical\"\nfor new CAs.\n\n``DJANGO_X509_CA_KEYUSAGE_VALUE``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ ========================\n**type**: ``str``\n**default**: ``cRLSign, keyCertSign``\n============ ========================\n\nValue of the ``keyUsage`` x509 extension for new CAs.\n\n``DJANGO_X509_CERT_KEYUSAGE_CRITICAL``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ =========\n**type**: ``bool``\n**default**: ``False``\n============ =========\n\nWhether the ``keyUsage`` x509 extension should be flagged as \"critical\"\nfor new end-entity certificates.\n\n``DJANGO_X509_CERT_KEYUSAGE_VALUE``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ =====================================\n**type**: ``str``\n**default**: ``digitalSignature, keyEncipherment``\n============ =====================================\n\nValue of the ``keyUsage`` x509 extension for new end-entity certificates.\n\n``DJANGO_X509_CRL_PROTECTED``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n============ =========\n**type**: ``bool``\n**default**: ``False``\n============ =========\n\nWhether the view for downloading Certificate Revocation Lists should be\nprotected with authentication or not.\n\nExtending django-x509\n---------------------\n\nOne of the core values of the OpenWISP project is `Software Reusability\n<http://openwisp.io/docs/general/values.html#software-reusability-means-long-term-sustainability>`_,\nfor this reason *django-x509* provides a set of base classes which can be\nimported, extended and reused to create derivative apps.\n\nIn order to implement your custom version of *django-x509*, you need to\nperform the steps described in this section.\n\nWhen in doubt, the code in the `test project\n<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/>`_\nand the `sample app\n<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/>`_\nwill serve you as source of truth: just replicate and adapt that code to\nget a basic derivative of *django-x509* working.\n\n**Premise**: if you plan on using a customized version of this module, we\nsuggest to start with it since the beginning, because migrating your data\nfrom the default module to your extended version may be time consuming.\n\n1. Initialize your custom module\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nThe first thing you need to do is to create a new django app which will\ncontain your custom version of *django-x509*.\n\nA django app is nothing more than a `python package\n<https://docs.python.org/3/tutorial/modules.html#packages>`_ (a directory\nof python scripts), in the following examples we'll call this django app\n``myx509``, but you can name it how you want:\n\n::\n\n django-admin startapp myx509\n\nKeep in mind that the command mentioned above must be called from a\ndirectory which is available in your `PYTHON_PATH\n<https://docs.python.org/3/using/cmdline.html#envvar-PYTHONPATH>`_ so that\nyou can then import the result into your project.\n\nNow you need to add ``myx509`` to ``INSTALLED_APPS`` in your\n``settings.py``, ensuring also that ``django_x509`` has been removed:\n\n.. code-block:: python\n\n INSTALLED_APPS = [\n # ... other apps ...\n # 'django_x509' <-- comment out or delete this line\n \"myx509\"\n ]\n\nFor more information about how to work with django projects and django\napps, please refer to the `django documentation\n<https://docs.djangoproject.com/en/dev/intro/tutorial01/>`_.\n\n2. Install ``django-x509`` & ``openwisp-utils``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nInstall (and add to the requirement of your project):\n\n::\n\n pip install django-x509 openwisp-utils\n\n3. Add ``EXTENDED_APPS``\n~~~~~~~~~~~~~~~~~~~~~~~~\n\nAdd the following to your ``settings.py``:\n\n.. code-block:: python\n\n EXTENDED_APPS = [\"django_x509\"]\n\n4. Add ``openwisp_utils.staticfiles.DependencyFinder``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nAdd ``openwisp_utils.staticfiles.DependencyFinder`` to\n``STATICFILES_FINDERS`` in your ``settings.py``:\n\n.. code-block:: python\n\n STATICFILES_FINDERS = [\n \"django.contrib.staticfiles.finders.FileSystemFinder\",\n \"django.contrib.staticfiles.finders.AppDirectoriesFinder\",\n \"openwisp_utils.staticfiles.DependencyFinder\",\n ]\n\n5. Add ``openwisp_utils.loaders.DependencyLoader``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nAdd ``openwisp_utils.loaders.DependencyLoader`` to ``TEMPLATES`` in your\n``settings.py``:\n\n.. code-block:: python\n\n TEMPLATES = [\n {\n \"BACKEND\": \"django.template.backends.django.DjangoTemplates\",\n \"OPTIONS\": {\n \"loaders\": [\n \"django.template.loaders.filesystem.Loader\",\n \"django.template.loaders.app_directories.Loader\",\n \"openwisp_utils.loaders.DependencyLoader\",\n ],\n \"context_processors\": [\n \"django.template.context_processors.debug\",\n \"django.template.context_processors.request\",\n \"django.contrib.auth.context_processors.auth\",\n \"django.contrib.messages.context_processors.messages\",\n ],\n },\n }\n ]\n\n6. Inherit the AppConfig class\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nPlease refer to the following files in the sample app of the test project:\n\n- `sample_x509/__init__.py\n <https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/__init__.py>`_.\n- `sample_x509/apps.py\n <https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/apps.py>`_.\n\nYou have to replicate and adapt that code in your project.\n\nFor more information regarding the concept of ``AppConfig`` please refer\nto the `\"Applications\" section in the django documentation\n<https://docs.djangoproject.com/en/dev/ref/applications/>`_.\n\n7. Create your custom models\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nHere we provide an example of how to extend the base models of\n*django-x509*. We added a simple \"details\" field to the models for\ndemostration of modification:\n\n.. code-block:: python\n\n from django.db import models\n from django_x509.base.models import AbstractCa, AbstractCert\n\n\n class DetailsModel(models.Model):\n details = models.CharField(max_length=64, blank=True, null=True)\n\n class Meta:\n abstract = True\n\n\n class Ca(DetailsModel, AbstractCa):\n \"\"\"\n Concrete Ca model\n \"\"\"\n\n class Meta(AbstractCa.Meta):\n abstract = False\n\n\n class Cert(DetailsModel, AbstractCert):\n \"\"\"\n Concrete Cert model\n \"\"\"\n\n class Meta(AbstractCert.Meta):\n abstract = False\n\nYou can add fields in a similar way in your ``models.py`` file.\n\n**Note**: for doubts regarding how to use, extend or develop models please\nrefer to the `\"Models\" section in the django documentation\n<https://docs.djangoproject.com/en/dev/topics/db/models/>`_.\n\n8. Add swapper configurations\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nOnce you have created the models, add the following to your\n``settings.py``:\n\n.. code-block:: python\n\n # Setting models for swapper module\n DJANGO_X509_CA_MODEL = \"myx509.Ca\"\n DJANGO_X509_CERT_MODEL = \"myx509.Cert\"\n\nSubstitute ``myx509`` with the name you chose in step 1.\n\n9. Create database migrations\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nCreate and apply database migrations:\n\n::\n\n ./manage.py makemigrations\n ./manage.py migrate\n\nFor more information, refer to the `\"Migrations\" section in the django\ndocumentation\n<https://docs.djangoproject.com/en/dev/topics/migrations/>`_.\n\n10. Create the admin\n~~~~~~~~~~~~~~~~~~~~\n\nRefer to the `admin.py file of the sample app\n<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/sample_x509/admin.py>`_.\n\nTo introduce changes to the admin, you can do it in two main ways which\nare described below.\n\n**Note**: for more information regarding how the django admin works, or\nhow it can be customized, please refer to `\"The django admin site\" section\nin the django documentation\n<https://docs.djangoproject.com/en/dev/ref/contrib/admin/>`_.\n\n1. Monkey patching\n++++++++++++++++++\n\nIf the changes you need to add are relatively small, you can resort to\nmonkey patching.\n\nFor example:\n\n.. code-block:: python\n\n from django_x509.admin import CaAdmin, CertAdmin\n\n CaAdmin.list_display.insert(\n 1, \"my_custom_field\"\n ) # <-- your custom change example\n CertAdmin.list_display.insert(\n 1, \"my_custom_field\"\n ) # <-- your custom change example\n\n2. Inheriting admin classes\n+++++++++++++++++++++++++++\n\nIf you need to introduce significant changes and/or you don't want to\nresort to monkey patching, you can proceed as follows:\n\n.. code-block:: python\n\n from django.contrib import admin\n from swapper import load_model\n\n from django_x509.base.admin import AbstractCaAdmin, AbstractCertAdmin\n\n Ca = load_model(\"django_x509\", \"Ca\")\n Cert = load_model(\"django_x509\", \"Cert\")\n\n\n class CertAdmin(AbstractCertAdmin):\n pass\n # add your changes here\n\n\n class CaAdmin(AbstractCaAdmin):\n pass\n # add your changes here\n\n\n admin.site.register(Ca, CaAdmin)\n admin.site.register(Cert, CertAdmin)\n\n11. Create root URL configuration\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nPlease refer to the `urls.py\n<https://github.com/openwisp/django-x509/tree/master/tests/openwisp2/urls.py>`_\nfile in the test project.\n\nFor more information about URL configuration in django, please refer to\nthe `\"URL dispatcher\" section in the django documentation\n<https://docs.djangoproject.com/en/dev/topics/http/urls/>`_.\n\n12. Import the automated tests\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nWhen developing a custom application based on this module, it's a good\nidea to import and run the base tests too, so that you can be sure the\nchanges you're introducing are not breaking some of the existing features\nof *django-x509*.\n\nIn case you need to add breaking changes, you can overwrite the tests\ndefined in the base classes to test your own behavior.\n\n.. code-block:: python\n\n from django.test import TestCase\n from django_x509.tests.base import TestX509Mixin\n from django_x509.tests.test_admin import (\n ModelAdminTests as BaseModelAdminTests,\n )\n from django_x509.tests.test_ca import TestCa as BaseTestCa\n from django_x509.tests.test_cert import TestCert as BaseTestCert\n\n\n class ModelAdminTests(BaseModelAdminTests):\n app_label = \"myx509\"\n\n\n class TestCert(BaseTestCert):\n pass\n\n\n class TestCa(BaseTestCa):\n pass\n\n\n del BaseModelAdminTests\n del BaseTestCa\n del BaseTestCert\n\nNow, you can then run tests with:\n\n::\n\n # the --parallel flag is optional\n ./manage.py test --parallel myx509\n\nSubstitute ``myx509`` with the name you chose in step 1.\n\nFor more information about automated tests in django, please refer to\n`\"Testing in Django\"\n<https://docs.djangoproject.com/en/dev/topics/testing/>`_.\n\nContributing\n------------\n\nPlease refer to the `OpenWISP contributing guidelines\n<http://openwisp.io/docs/developer/contributing.html>`_.\n\nSupport\n-------\n\nSee `OpenWISP Support Channels <http://openwisp.org/support.html>`_.\n\nChangelog\n---------\n\nSee `CHANGES\n<https://github.com/openwisp/django-x509/blob/master/CHANGES.rst>`_.\n\nLicense\n-------\n\nSee `LICENSE\n<https://github.com/openwisp/django-x509/blob/master/LICENSE>`_.\n",
"bugtrack_url": null,
"license": "BSD",
"summary": "Reusable django app to generate and manage x509 certificates",
"version": "1.2",
"project_urls": {
"Download": "https://github.com/openwisp/django-x509/releases",
"Homepage": "https://github.com/openwisp/django-x509"
},
"split_keywords": [
"django",
" x509",
" pki",
" pem",
" openwisp"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "3bee73866c04836c913a07e17a4824b5e600dc9b88db00416132340268fd9c6f",
"md5": "367537b29666afeaf588f629d6137b84",
"sha256": "7c7d3d44396126d25e3f5193b886ca7b5dfc0b3da55da3f65721d7ebf6795ebc"
},
"downloads": -1,
"filename": "django_x509-1.2-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "367537b29666afeaf588f629d6137b84",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": null,
"size": 46880,
"upload_time": "2024-08-16T22:27:36",
"upload_time_iso_8601": "2024-08-16T22:27:36.146679Z",
"url": "https://files.pythonhosted.org/packages/3b/ee/73866c04836c913a07e17a4824b5e600dc9b88db00416132340268fd9c6f/django_x509-1.2-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "92e65c14b6725ea2bbe0a3befaad96297f619f3d528ec417a3c1a3e211f3cd13",
"md5": "d09d238d2da0292845d909dfbbf738c2",
"sha256": "c961bf88c02da76acbfc50e5edc9ab1f384e4289a442a444211a0825f8300f00"
},
"downloads": -1,
"filename": "django_x509-1.2.tar.gz",
"has_sig": false,
"md5_digest": "d09d238d2da0292845d909dfbbf738c2",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 49913,
"upload_time": "2024-08-16T22:27:37",
"upload_time_iso_8601": "2024-08-16T22:27:37.754473Z",
"url": "https://files.pythonhosted.org/packages/92/e6/5c14b6725ea2bbe0a3befaad96297f619f3d528ec417a3c1a3e211f3cd13/django_x509-1.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-08-16 22:27:37",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "openwisp",
"github_project": "django-x509",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "django-x509"
}
JSON
