Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/smallstep/hello-mtls
:wave: Docs demonstrating mutual TLS configurations in various technologies
https://github.com/smallstep/hello-mtls
certificate documentation golang mtls ngnix node-js postgres
Last synced: 3 months ago
JSON representation
:wave: Docs demonstrating mutual TLS configurations in various technologies
- Host: GitHub
- URL: https://github.com/smallstep/hello-mtls
- Owner: smallstep
- License: apache-2.0
- Created: 2019-08-12T13:51:57.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2024-01-09T00:45:08.000Z (10 months ago)
- Last Synced: 2024-05-16T18:05:28.210Z (6 months ago)
- Topics: certificate, documentation, golang, mtls, ngnix, node-js, postgres
- Language: JavaScript
- Homepage:
- Size: 2.26 MB
- Stars: 86
- Watchers: 8
- Forks: 24
- Open Issues: 49
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
Awesome Lists containing this project
README
# Hello mTLS
This package contains documentation on how to configure a broad array of technologies to perform mutual TLS. It is part of the [Hello mTLS](https://smallstep.com/hello-mtls) project, designed to raise developer awareness about public key infrastructure as a potential solution to common security problems.
If you notice any outdated, missing, or errant docs, pull requests are strongly encouraged!
## Contributing
Documentation for each technology lives in its corresponding directory in the [docs/](docs/) folder.
To get rolling on local development, clone this repository and start the local dev server:
```
$ yarn install
$ yarn start
```
You will be able to preview all changes at http://localhost:3000.
### Adding new technologies
If you are adding a new technology, your best bet is to refer to existing configurations in this repository, but here is a high-level breakdown of each directory's contents.
#### config.yaml
This file configures basic information like the technology name and external links to documentation.
#### logo.png
This is a 256 x 256px transparent PNG of the technology's logo. If missing, a standard placeholder will be used.
#### topics/
Several optional markdown files provide prose describing how to perform different aspects of mTLS using the technology:
- `server_auth.md` — Server TLS authentication
- `client_auth.md` — Client TLS authentication
- `client.md` — Client requests using TLS
- `renewal.md` — TLS cetificate renewal
Properties with corresponding names in the `topics` object in `config.yaml` also accept a `links` array for any relevant external resources.
If your documentation makes use of the name of a certificate's identity, its certificate filename, its private key filename, or the root certificate filename, please use these template tokens. They will be interpolated with the appropriate values at build time in different contexts:
- `{{ server_name }}` — Name of the identity like `server.internal.net`
- `{{ server_cert }}` — Filename of the server's certificate like `server.crt`
- `{{ server_key }}` — Filename of the server's private key like `server.key`
- `{{ server_port }}` — Port number that that the server binds in the server auth docs
- `{{ client_name }}` — Name of the identity like `clientuser`
- `{{ client_cert }}` — Filename of the client's certificate like `client.crt`
- `{{ client_key }}` — Filename of the client's private key like `client.key`
- `{{ ca_cert }}` — Filename of the root CA certificate like `ca.crt`
Do not use markdown headlines.
### Testing changes
Run `yarn test` locally to test that your changes are valid before opening a pull request.
## License
Code in this repository is licensed under [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0).
All [documentation content](docs/) is licensed under [Creative Commons Attribution 4.0 International License](http://creativecommons.org/licenses/by/4.0/).
## Support
Please don't hesitate to reach out on [our Discord](https://bit.ly/step-discord) with any questions.