mtls-cli
mtls-cli copied to clipboard
drGrove
A short-lived certificate tool based on the Zero Trust network model
Bumps [cryptography](https://github.com/pyca/cryptography) from 36.0.1 to 39.0.1. Changelog Sourced from cryptography's changelog. 39.0.1 - 2023-02-07 * **SECURITY ISSUE** - Fixed a bug where ``Cipher.update_into`` accepted Python buffer protocol objects, but allowed...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7. Commits 9e9e840 2022.12.07 b81bdb2 2022.09.24 939a28f 2022.09.14 aca828a 2022.06.15.2 de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ... b8eb5e9 2022.06.15.1...
Instead of loading the certificate into the browser store and all the incompatibilites and annoyances that comes with, I think mtls-cli could be implemented as a PKCS#11 library: Browsers support...
I added some debug prints: ``` def _has_root_cert(self): if sys.platform == "darwin": name = self.ca_cert_file_path else: name = "{server} Root CA".format(server=self.server) print("Vaild cert? ") print(self.check_valid_cert(name, usage="CT,T,T", is_root=True)) if self.check_valid_cert(name, usage="CT,T,T",...
Issue: [B311:blacklist] Standard pseudo-random generators are not suitable for security/cryptographic purposes. - Severity: Low - Confidence: High - Location: mtls/mtls.py:448 - More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random ``` 447 for c in range(10):...
Currently when an untrusted PGP key is used to encrypt the Certificate RSA key, the underlying system fully ignores the key and writes an empty file because the interaction with...
How can I use [logcli](https://github.com/grafana/loki/blob/master/docs/sources/getting-started/logcli.md) to access a loki instance behind mtls? Loki supports the env vars: - LOKI_CA_CERT_PATH - LOKI_CLIENT_CERT_PATH - LOKI_CLIENT_KEY_PATH So the right wrapper/alias should work?
Add macports support so that macports can handle getting updates