README
¶
EdgeCA
EdgeCA is an ephemeral, in-memory CA providing service mesh machine identities, automating the management and issuance of TLS certificates.
It provides developers with a fast, easy, and integrated source of machine identities whilst also providing security teams with the required policy and oversight.
It also enables ephemeral certificate-based authorization, which reduces the need for permanent access credentials, explicit access revocation or traditional SSH key management.
It is easy to install and simple to use.
edgeca serverstarts up EdgeCA as a server, which supports mTLS gRPC, GraphQL+JWT and Envoy SDS as different ways of providing machine identities.edgeca gencsrgenerates a CSR fileedgeca gencertconnects to the EdgeCA Server using mTLS gRPC to sign a CSR request and provide a certificate and private key.
EdgeCA can run in a number of modes.
- It can generate a self-signed Root CA certificate.
- You can provide the Root CA certificate to use.
- EdgeCA can connect to the Venafi vCert TPP backend to get an issuing certificate, which is then used to generate certificates locally.
- It is also possible to disable completely all local certificate signing and have EdgeCA pass all signing requests directly on to the Venafi back-end.
Other features include SoftHSM support.
EdgeCA is a flexible open source solution, written in Go, and licenced with the Apache 2.0 Licence
See EdgeCA Documentation for further information about EdgeCA features or watch the EdgeCA Youtube playlist
The easiest way to install the application is to use snaps
snap install edgeca
Alternatively, use Docker
docker pull edgesec/edgeca
or build EdgeCA from source:
git clone https://github.com/edgesec-org/edgeca.git
cd edgeca
make
Contributing to EdgeCA
EdgeCA is an open source project currently in early development stages. We welcome and appreciate all contributions from the developer community. Please read our documentation on contributing for more information. To report a problem or share an idea, create an Issue and then use Pull Requests to contribute bug fixes or proposed enhancements. Got questions? Join us on Slack!
License
Copyright 2020-2022 © EdgeSec Ltd. All rights reserved.
EdgeCA is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
internal
|
|
|
cache
****************************************************************************** * Copyright 2022 EdgeSec Ltd * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License.
|
****************************************************************************** * Copyright 2022 EdgeSec Ltd * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. |
|
services/vcertconnector
****************************************************************************** * Copyright 2022 EdgeSec Ltd * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License.
|
****************************************************************************** * Copyright 2022 EdgeSec Ltd * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. |