Libreswan Opportunistic IPsec using LetsEncrypt: Difference between revisions
(initial commit) |
(introduction and implementation added) |
||
| Line 1: | Line 1: | ||
== Introduction == | == Introduction == | ||
Libreswan Opportunistic IPsec using LetsEncrypt is a project created during Google Summer of Code 2019. It adds a utility `letsencrypt` to the `ipsec`. letsencrypt invokes any of several utilities involved in controlling the Opportunistic Encryption system, running the specified {command} with the specified [argument] as if it had been invoked directly. | |||
e.g. `ipsec letsencrypt -h` lists the available commands. | |||
It is a program in libreswan, which integrates libreswan with Opportunistic Encryption utilities. The script provides various OE functionality e.g. initial OE setup, testing configuration/connection, generating and updating Let's Encrypt certificates. The details about the utilities and using them can be found in the [[ Documentation ]]. Also, the documentation includes the sample output for each {command} and [argument]. | |||
== Implementation == | == Implementation == | ||
Various functionalities of the project are listed below: | |||
* Can establish the secure OE (Opportunistic Encryption) connections between two hosts (client and server). | |||
* Easy to install on the hosts (client and server). | |||
* Can test OE connections between two hosts. | |||
* Can generate Let's Encrypt certificates for the server using certbot. | |||
* Enables automatic update of the generated certificates, keeping the private key same. | |||
* Imports the generated certificates into NSS Database to be used for OE. | |||
* Provides details about various available utilities. | |||
== Source code == | == Source code == | ||
Revision as of 13:47, 11 August 2019
Introduction
Libreswan Opportunistic IPsec using LetsEncrypt is a project created during Google Summer of Code 2019. It adds a utility `letsencrypt` to the `ipsec`. letsencrypt invokes any of several utilities involved in controlling the Opportunistic Encryption system, running the specified {command} with the specified [argument] as if it had been invoked directly. e.g. `ipsec letsencrypt -h` lists the available commands.
It is a program in libreswan, which integrates libreswan with Opportunistic Encryption utilities. The script provides various OE functionality e.g. initial OE setup, testing configuration/connection, generating and updating Let's Encrypt certificates. The details about the utilities and using them can be found in the Documentation . Also, the documentation includes the sample output for each {command} and [argument].
Implementation
Various functionalities of the project are listed below:
- Can establish the secure OE (Opportunistic Encryption) connections between two hosts (client and server).
- Easy to install on the hosts (client and server).
- Can test OE connections between two hosts.
- Can generate Let's Encrypt certificates for the server using certbot.
- Enables automatic update of the generated certificates, keeping the private key same.
- Imports the generated certificates into NSS Database to be used for OE.
- Provides details about various available utilities.