Skip to content
This repository has been archived by the owner on Nov 30, 2017. It is now read-only.
/ ocspd Public archive

Daemon to fetch OCSP staples from cerificate authorities periodically, for HAProxy and NGINX.

License

Notifications You must be signed in to change notification settings

greenhost/ocspd

Repository files navigation

NOTICE!!

tl;dr: This project was renamed to Stapled, which can be found here.

As of now this project has been renamed to Stapled because there are various other projects with the name ocspd which is confusing. Plus we want to implement functional tests in the near future, which are probably going to be based on a package also called ocsdp. This project will be kept here until June 30th 2018, in case you have this repo set as a dependency of some project.

From now on you will get a warning when you install the package, that tells you to use Stapled instead. From the 1st of January 2018 you will get an error instead. From June 30th 2018 onward the installation will stop working entirely.

You can find Stapled here.

Quick start

Read the full documentation on Read the docs.

This application requires Python 3.3+ or Python 2.7.9 and an installed version of PIP for the Python version you are using. It is also convenient to have virtualenv installed so you can make a separate environment for ocspd's dependencies.

Before installation make sure you have met the System requirements. You can install the ocsp daemon from the source code repository on our gitlab instance.

# Download the source from the repo
git clone https://github.com/greenhost/ocspd.git
# Enter the source directory
cd ocspd/
# Setup a virtualenv
virtualenv -p python3 env/
# Load the virtualenv
source env/bin/activate
# Install a dependency that is not yet it PyPi
pip install git+https://github.com/wbond/certvalidator.git@4383a4bfd5e769679bc4eedd1e4d334eb0c7d85a
# Install the current directory with pip. This allows you to edit the code
pip install .

Every time you want to run ocspd you will need to run source env/bin/activate to load the virtualenv first. Alternatively you can start the daemon by running ocspd

If you had previously installed a version of ocspd from github, to upgrade run the following:

# Deactivate the virtualenv if active
deactivate
# Delete the virtualenv (we will start clean)
rm -rf ./env
# Make a new virtualenv
virtualenv -p python3 env/
# Update to the latest version
git pull
# Install a dependency that is not yet it PyPi
pip install git+https://github.com/wbond/certvalidator.git@4383a4bfd5e769679bc4eedd1e4d334eb0c7d85a --upgrade
# Install the current directory with pip. This allows you to edit the code
pip install . --upgrade

We package ocspd for Debian, but it will still have depenfencies that are not available as debian packages. This means you need to either still use PIP to install those dependencies, or you need to package them yourself.

There is a build script in the root of this project: build_deb_pkg.sh. It will automatically download the dependencies master branches from Github and package them, the finished packages including a package for ocspd will be in the build directory.

Warning

Do not use this, none of the source code you are about to check out will be audited, you will need to vet it yourself. Also it will cause side effects inluding but not limited to loss of hair, stress and diziness. This is not for production use. We do not take any responsibility for what you do with this script, we provide it as is, it will probably fail anyway but we may also stop supporting it at any time, in fact this is highly likely.

You have been warned, now please don't continue at your own risk or go for the PIP install.

# Install available dependencies
apt install python-future python-all python-configargparse
# Download remaining dependencies and convert them to debian packages
./build_deb_pkg.sh
# Install all packages
dpkg -i build/*.deb

About

Daemon to fetch OCSP staples from cerificate authorities periodically, for HAProxy and NGINX.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •