NAME¶
pyca - CA written in python
DESCRIPTION¶
The scripts in ths suite are basically wrappers around
openssl(1).
Additionally the scripts integrates the generic CA-functionality with the
mail-system and apache for handling certificate requests; with LDAP for
handling distributing certificates and revocation lists; and cron for
maintenance tasks.
PROGRAMMES¶
- ca2ldif.py
- Write CA certificates and CRLs to a LDIF file. This is intended for
initially setting up the CA entries not for daily CRL update. The entries
are of objectclass certificationAuthority and contain the attributes
cACertificate;binary, authorityRevocationList;binary and
certificateRevocationList;binary. This might require extending schemas on
LDAPv2 servers. Have a look at your LDAP servers configuration
documentation.
- certs2ldap.py
- Send all certs and CRLs to a LDAP repository.
- copy-cacerts.py
- Copy all CA certificates defined in an OpenSSL configuration to a bundled
PEM file or a directory with hash-named symbolic links. This is quite
handy in conjunction with ApacheSSL or Apache with mod_ssl for copying the
files for SSLCACertificateFile or SSLCACertificatePath.
- ns-jsconfig.py
- Create Javascript code containing all CA certificates defined in an
OpenSSL configuration for use with the Netscape admin tool (creating
netscape.cfg).
- print-cacerts.py
- This simple script prints all CA certs on stdout. It is intended to
generate authentic printouts (on paper!) of the CA certs fingerprints and
is typically run on the private CA system. Choose the option --html to
generate nicer formatted HTML-output instead of the default textual output
in ISO-8859-1.
- ns-jsconfig.py
- Create a Javascript file to be included in a Netscape configuration file
(netscape.cfg).
SEE ALSO¶
pyca(8)
The programs are documented fully by the HTML documents in
/usr/share/doc/pyca/htdocs/
COPYRIGHT¶
Copyright © 2001 - 2003 Michael Ströder
<michael@stroeder.com>
This software including all modules is Open Source and given away under: GPL
(GNU GENERAL PUBLIC LICENSE) Version 2.
The author refuses to give any warranty of any kind.
AUTHOR¶
Michael Ströder <michael@stroeder.com>
This manual page was written by Lars Bahner <bahner@debian.org>, for the
Debian GNU/Linux system.