NAME¶
pyca - CA written in python
DESCRIPTION¶
The scripts in ths suite are basically wrappers around
openssl(1).
Additionally the scripts integrates the generic CA-functionality with the
mail-system and apache for handling certificate requests; with LDAP for
handling distributing certificates and revocation lists; and cron for
maintenance tasks.
PROGRAMMES¶
- ca2ldif.py
- Write CA certificates and CRLs to a LDIF file. This is
intended for initially setting up the CA entries not for daily CRL update.
The entries are of objectclass certificationAuthority and contain the
attributes cACertificate;binary, authorityRevocationList;binary and
certificateRevocationList;binary. This might require extending schemas on
LDAPv2 servers. Have a look at your LDAP servers configuration
documentation.
- certs2ldap.py
- Send all certs and CRLs to a LDAP repository.
- copy-cacerts.py
- Copy all CA certificates defined in an OpenSSL
configuration to a bundled PEM file or a directory with hash-named
symbolic links. This is quite handy in conjunction with ApacheSSL or
Apache with mod_ssl for copying the files for SSLCACertificateFile or
SSLCACertificatePath.
- ns-jsconfig.py
- Create Javascript code containing all CA certificates
defined in an OpenSSL configuration for use with the Netscape admin tool
(creating netscape.cfg).
- print-cacerts.py
- This simple script prints all CA certs on stdout. It is
intended to generate authentic printouts (on paper!) of the CA certs
fingerprints and is typically run on the private CA system. Choose the
option --html to generate nicer formatted HTML-output instead of the
default textual output in ISO-8859-1.
- ns-jsconfig.py
- Create a Javascript file to be included in a Netscape
configuration file (netscape.cfg).
SEE ALSO¶
pyca(8)
The programs are documented fully by the HTML documents in
/usr/share/doc/pyca/htdocs/
COPYRIGHT¶
Copyright © 2001 - 2003 Michael Stroeder <michael@stroeder.com>
This software including all modules is Open Source and given away under: GPL
(GNU GENERAL PUBLIC LICENSE) Version 2.
The author refuses to give any warranty of any kind.
AUTHOR¶
Michael Stroeder <michael@stroeder.com>
This manual page was written by Lars Bahner <bahner@debian.org>, for the
Debian GNU/Linux system.