Redwax Server

Build a modular certificate authority by combining the following modules for Apache HTTP server.

mod_ca

Provides the API that allows the backend and frontend modules to be combined with one another.

mod_crl

Exposes an RFC5280 Certificate Revocation List at the given URL.

mod_ocsp

Exposes an endpoint to respond to RFC6960 Online Certificate Status Protocol requests.

mod_scep

Exposes an IETF Draft Simple Certificate Enrollment Protocol endpoint.

mod_spkac

Exposes an endpoint that can process a Signed Public Key and Challenge request and return a certificate.

mod_timestamp

Exposes an RFC3161 Time Stamp Protocol endpoint for document timestamping.

mod_ca_crl

Backend module that reads a Certificate Revocation List from disk, and exposes it via mod_crl or mod_ocsp.

mod_ca_disk

Backend module that stores and serves certificates from a directory on disk compatible with an OpenSSL CA.

mod_ca_engine

Backend module that signs and issues certificates based on a key stored in an HSM provided by the OpenSSL Engine interface.

mod_ca_ldap

Backend module that verifies permission to issue a certificate, and to store a certificate once issued.

mod_ca_simple

Backend module that signs and issues certificates based on a key stored on disk.

Downloads

Use the source, Luke.

v0.2.0

We are yet to make our first release. When we do, you will be able to download it here.

Getting Involved

Get the code. Ask questions. Track issues.

Source Control

The source code for the Redwax Server is stored in Bitbucket and mirrored as an SVN repository.

  • Bitbucket: Browse the source code and submit pull requests using git.
  • Subversion: The repository of record is available using subversion.

Issue Tracking

  • Jira: Track issues in the Redwax Server project.

Mailing Lists

The following mailing lists are available.

Security Issues

Use the following address for contacting us to report security issues with Redwax Server.