AltNet CA Webhooks
- Python 98.5%
- Dockerfile 1.5%
| altnet-ca-webhooks | ||
| .gitignore | ||
| config.yaml.dist | ||
| Dockerfile | ||
| LICENSE | ||
| pyproject.toml | ||
| README.md | ||
| requirements.txt | ||
AltNet CA webhooks
AltNet CA webhooks is a webhook endpoint for certificate validation. Currently the following validation plugins are available:
acme_da_hashicorp_vault: validate an ACME Device Attestation signing request against a static configuration.acme_da_static: validate an ACME Device Attestation signing request against data present in a Hashicorp Vault instance.scep_hashicorp_vault: validate a SCEP challenge and certificate signing request data against data present in a Hashicorp Vault instance.scep_static: validate a SCEP challenge and certificate signing request data against a static configuration.x5c_ssh_altnet: validate an SSH certificate requests against an attached x5c JWT.yubikey_embedded_attestation: validate a Yubikey attestation cross-signature (as added to the certificate signing request byyubico-piv-tool --attestation) and check it against configured pin and touch policies.
Quick start
cd altnet-ca-webhooks
export ALTNET_CA_WEBHOOKS_LOGLEVEL=DEBUG
export ALTNET_CA_WEBHOOKS_CONFIGURATION=../config.yaml
uvicorn main:app --reload
API endpoints
OpenAPI (formerly Swagger) documentation is available at /docs.
Alternatively, Redocly documentation is available at /redoc.