Redwax Project

The Redwax Project provides a number of small and modular security tools to make it easy to build security services on the web.

The aim of the project is keep the security footprint and the number of dependencies as low as possible. The code is released as open source under the Apache License v2.

Recent Changes and other News

2020-08-01

Experimental module added, mod_sign, which supports unmanaged keys, as used in DNSSec, DMARC and for the Google/Apple GAEN keys. It has a very simple REST api -- see the README.

2020-06-01

All modules updated - no major change.s

2020-03-25

RedWax is now in MacPorts for Apple macOS 10.9 and newer -- see mod_ca, mod_crl, mod_ocsp, mod_csr, mod_pkcs12, mod_scep, mod_timestamp and so on.

2020-03-18

Not quite ready for primetime; but with support for AJP becoming scarce, there has been a need to get information from an Apache httpd (such as the certificate used to authenticate) to a backend server (Tomcat, etc) in a secure way.

These two new modules: mod_auth_bearer and mod_autht_jwt can handle the authenticaiton on bearer tokens (as used in JWT and OAuth2) and the passing/populating of those in a proxy. Still work in progress; and it does depend on the newly fangled apr-util 1.7 its secure json, jose and crypto sypport.

Depending on how things work out - it will either become part of the normal apache-httpd mainline distributions - or continued separately at redwax.eu (to be continued...).

2020-03-01

RedWax Interoperability testsite for CSR (Microsoft/RFC2986/PKCS10 style) now open for business.

2020-02-24

NixOS packages for redwax updated to latest versions (that also makes all NixOS tests pass)..

2020-02-22

Two new modules: mod_cert and mod_pkcs7 -- making it easier to publish the chain/intermediate certificates automatically.

2020-02-15

Interoperability test site available; with timestamping and SCEP. To facilitate cross industry testing and standards development.

2020-02-08

Update to 0.2.3 for mod_scep (release notes), mod_crl (release notes) and mod_csr (release notes). No security updates, minor improvements to autoconf, RPM improvements for Redhat, SUSE and europe oriented Mageia.

2019-12-21

Update to 0.2.2 for mod_ocsp (release notes), mod_timestamp (release notes), mod_pkcs12 (release notes) and mod_spkac (release notes). No security updates, openssl workaround for missing APIs (0.9->1.x), minor improvements to autoconf, RPM improvements for Redhat, SUSE and europe oriented Mageia.

2019-12-08

Update to 0.2.1 for all modules.

Redwax Server

The Redwax server consists of a series of modules for the Apache HTTP Server that can be combined together to form various types of certificate authorities.

About

Modules to support issuing certificates with SPKAC and SCEP, servicing certificate revocation with CRLs and OCSP, and creating timestamps.

Manual

Read the manual.

Downloads

Find the latest and archived releases.

Getting Involved

Get access to the source code, issue tracker and mailing lists.

Governance

The projects within Redwax follow a set of rules for the build and ongoing maintenance of the code.

Architecture

Redwax projects meet a set of architecture requirements.

Release Process

For code to be considered a release of a the Redwax Project, a specific set of requirements must be met.

Code of Conduct

To facilitate communication between people from many different countries and cultures, and between individuals with very different backgrounds, Redwax has a code of conduct that those that particpate abide by.

License

All Redwax code is distrubuted under the Apache Software License (v2).

Contributor License Agreement

In order to make sure that Redwax can continue to distribute its code under the Apache License it needs to make sure that it also gets that permission from any volunteer (or company) that contributes. This Contributor License Agreements sets out the terms and conditions.