First commit
Heavily amended.
This commit is contained in:
commit
f1d9b1a291
5 changed files with 126 additions and 0 deletions
21
README.md
Normal file
21
README.md
Normal file
|
@ -0,0 +1,21 @@
|
|||
# fauxsign
|
||||
|
||||
Python script to replace [SETCCE proXSign®](https://proxsign.setcce.si/proXSignCustomerPages/). Currently only supports XML documents with SHA256 signatures, required to submit requests on certain gov.si sites.
|
||||
|
||||
## Setup
|
||||
|
||||
Websites that want to sign XML or PDF documents submit requests to the proXSign® component acting as a local HTTPS server listening on port 14972. To replicate this behavior, a self-signed TLS certificate is required. One can be generated with
|
||||
|
||||
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
|
||||
-subj "/CN=fauxsign" -keyout fauxsign.key -out fauxsign.crt
|
||||
|
||||
## Usage
|
||||
|
||||
Assuming your personal certificate and key are stored in `user.crt` and `user.key` respectively, start the server with
|
||||
|
||||
./fauxsign --app-key fauxsign.key --app-cert fauxsign.crt \
|
||||
--user-key user.key --user-cert user.crt
|
||||
|
||||
Before signing, add a browser exception for the app certificate generated above by navigating to [https://localhost:14972/version](https://localhost:14972/version). This only needs to be done once.
|
||||
|
||||
Visit the [XML signing test page](https://proxsign.setcce.si/proXSignCustomerPages/testXML.html) to verify the script works correctly. The script will prompt for each signature request; answer `y` or `yes` to confirm.
|
Loading…
Add table
Add a link
Reference in a new issue