pki: add minimal certificate authority

Browse Source

- CA generation with encrypted private key storage (AES-256-GCM)
- Client certificate issuance with configurable validity
- Certificate revocation with status tracking
- SHA1 fingerprint integration with existing mTLS auth
- API endpoints: /pki/status, /pki/ca, /pki/issue, /pki/revoke
- CLI commands: fpaste pki status/issue/revoke
- Comprehensive test coverage

...

This commit is contained in:

Username

2025-12-20 17:20:15 +01:00

parent 7deba711d4

commit 4e38517faf

9 changed files with 3815 additions and 481 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

1019

app/pki.py Normal file

File diff suppressed because it is too large Load Diff