certificate-transparency/cheese
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
11 Commits 3 Branches 0 Tags
a3d3c4c6430fd118b3aaf3ba954e3b45949628ab
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Cheese

A Certificate Transparency log configuration and deployment tool.

Configuration Generator

The tesseract/genconf tool generates CT log configuration files and keys from a YAML specification in a very similar way to Sunlight.

Usage

  1. Create YAML configuration file:
listen:
  - "[::]:16420"
roots: /etc/tesseract/roots.pem
logs:
  - shortname: example2025h1
    inception: 2025-01-01
    submissionprefix: https://example2025h1.log.ct.example.com
    monitoringprefix: https://example2025h1.mon.ct.example.com
    extraroots: /etc/tesseract/extra-roots.pem
    secret: /etc/tesseract/keys/example2025h1.pem
    localdirectory: /var/lib/tesseract/example2025h1/data
    notafterstart: 2025-01-01T00:00:00Z
    notafterlimit: 2025-07-01T00:00:00Z
  1. Generate private keys:
go run ./tesseract/genconf/main.go -c config.yaml gen-key
  1. Create directories and generate environment files:
mkdir -p /var/lib/tesseract/example2025h1/data
go run ./tesseract/genconf/main.go -c config.yaml gen-env
  1. Generate HTML and JSON files:
go run ./tesseract/genconf/main.go -c config.yaml gen-html

This generates index.html, log.v3.json, .env, and roots.pem files in each log's directory.

Description
Cheese: Certificate Transparency Logs
Readme 418 KiB
Languages
Go 100%