{"id":22912006,"url":"https://github.com/opencoff/go-pki","last_synced_at":"2025-05-09T01:33:41.479Z","repository":{"id":57534150,"uuid":"281793981","full_name":"opencoff/go-pki","owner":"opencoff","description":"Simple TLS PKI Library with embedded database","archived":false,"fork":false,"pushed_at":"2025-03-25T12:37:26.000Z","size":65,"stargazers_count":9,"open_issues_count":0,"forks_count":3,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-03-25T13:41:51.463Z","etag":null,"topics":["boltdb","golang","golang-crypto","golang-library","pki","tls-pki"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opencoff.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-22T22:16:43.000Z","updated_at":"2025-03-25T12:37:13.000Z","dependencies_parsed_at":"2023-12-20T10:31:02.289Z","dependency_job_id":"dec938e2-af7b-435c-9267-5d75ffd60285","html_url":"https://github.com/opencoff/go-pki","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-pki","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-pki/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-pki/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-pki/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opencoff","download_url":"https://codeload.github.com/opencoff/go-pki/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253174414,"owners_count":21865861,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["boltdb","golang","golang-crypto","golang-library","pki","tls-pki"],"created_at":"2024-12-14T04:19:33.178Z","updated_at":"2025-05-09T01:33:41.452Z","avatar_url":"https://github.com/opencoff.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![GoDoc](https://godoc.org/github.com/opencoff/go-pki?status.svg)](https://godoc.org/github.com/opencoff/go-pki)\n\n## TL;DR\nThis is an opinionated single-file OpenVPN TLS certificate library.\nIt has _no_ dependencies on any other external tool such as openssl.\n\n## Features\n* Uses a single [boltdb](https://github.com/etcd/bbolt) instance to store the\n  certificates and keys.\n* All data strored in the database is encrypted with keys derived from a user\n  supplied CA passphrase.\n* Support for issuing \u0026 revoking:\n   - Server Certs (optionally signed by intermediate CAs)\n   - Client Certs (optionally signed by intermediate CAs)\n   - Intermediate CA certs (optionally signed by other intermediate\n     CAs)\n* Flexible CRL generation\n* The certificates and keys are opinionated:\n   * All CA cert private keys are Secp521r1\n   * Client \u0026 Servers cert private keys are Secp256k1\n   * \"SSL-Server\" attribute set on server certificates (nsCertType)\n   * \"SSL-Client\" attribute set on client certificates (nsCertType)\n   * ECDSA with SHA512 is used as the signature algorithm\n     of encryption to thwart DoS attacks.\n\n\n## Who uses this?\nTwo tools use this:\n\n* [ovpn-tool](https://github.com/opencoff/ovpn-tool) - an opnionated\n  PKI and OpenVPN Configuration manager\n* [certik](https://github.com/opencoff/certik) - an example CLI\n  program that uses this library\n\n\n## How to use this?\nYou will need a fairly recent golang toolchain (\u003e1.10). `go-pki` is\nmodules ready. You just import the code in your project as:\n\n```go\n\n    import (\n        \"github.com/opencoff/go-pki\"\n    )\n\n```\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopencoff%2Fgo-pki","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopencoff%2Fgo-pki","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopencoff%2Fgo-pki/lists"}