Redwax Server Modernisation

Self-hostable X509 certificate based identity management solution

The Redwax Project is a set of tools and web server modules to make it easy to build and deploy secure services on the web. The Redwax modular certificate authority mod_ca provides a set of Apache http server modules that can be combined to form various types of certificate authorities, issuing certificates from a Certificate Sign Request, or with the SPKAC and SCEP protocols, servicing certificate revocation with CRLs and OCSP, and creating timestamps.

The Redwax tool provides a mechanism to read certificates and keys from a wide variety of sources, automatically associating leaf, intermediate, and trusted certificates, and optionally their private keys, then showing the metadata of or writing the certificates in a wide variety of target formats. This project will update the key modules, adjust to the current Apache API's and also fully implement the meanwhile published RFC 8894.

The project's own website: https://redwax.eu/rs/

Why does this actually matter to end users?

There is an increasing need for data sovereignty, but many security tools are too complex for people to deploy, or rely on software as a service provided in specific regions or by specific providers - forcing the administrator to trust where that is not warranted.

Redwax is a modular certificate authority that provides a set of Apache http server modules which can be combined to form various types of certificate authorities. The Apache http web server has a widely understood and mature module system, and Redwax mod_ca extends that system to allow custom certificate authorities to be developed and deployed on systems as small as a Raspberry Pi.

Redwax tool is an auxiliary tool that helps to automate certificate handling among different formats, to provide tab completion on inputs, to provide coherent error messages when something has gone wrong and why, and to make certificates significantly easier to use.

Run by Pepperpot Media Limited