table of contents
other sections
pyca(8) | System Manager's Manual | pyca(8) |
NAME¶
pyca - CA written in pythonDESCRIPTION¶
The scripts in this suite are basically wrappers around openssl(1). Additionally the scripts integrates the generic CA-functionality with the mail-system and apache for handling certificate requests; with LDAP for handling distributing certificates and revocation lists; and cron for maintenance tasks.PROGRAMMES¶
- pickle-cnf.py
- Create a pickled copy the OpenSSL configuration object for faster reading of the configuration. The pickle-file name is the name of the OpenSSL configuration file plus .pickle.
- ca-make.py
- Generate a CA hierarchy, all necessary files and directories and all initial CRLs (see also signedby extension in OpenSSL configuration file). This is intended to be run under user root since it sets the ownership and permissions.
- ca-certreq-mail.py
- Handles the mail dialogue after certificate request. The SPKAC certificate request and LDIF data is moved from the directory pend_reqs_dir to new_reqs_dir. Set this script in your /etc/aliases, procmailrc or similar to receive mails for the address specified in caCertReqMailAdr.
- ca-cycle-pub.py
-
* Publish new certificates and inform user via e-mail where to download his
certificate
* Remove stale certificate requests from pend_reqs_dir.
* Spool certificate requests and certificate revocation requests to the system
holding the CA's private keys. (not implemented yet)
* Spool certificates and certificate revocation lists from the system holding
the CA's private keys. (not implemented yet)
- ca-cycle-priv.py
- This script is run on the system where the private keys of the CA are stored. It does several jobs:
* Mark expired certificates in OpenSSL certificate database
* Generate new CRLs, move old CRLs to archive (not implemented yet)
* Process certificate requests and certificate revocation requests (not
implemented yet)
* Spool certificate database, issued certificates and CRLs to public WWW and
LDAP server (not implemented yet)
SEE ALSO¶
pyca(1) The programs are documented fully by the HTML documents in /usr/share/doc/pyca/htdocs/COPYRIGHT¶
Copyright © 2001 - 2003 Michael Stroeder <michael@stroeder.com>AUTHOR¶
Michael Stroeder <michael@stroeder.com> This manual page was written by Lars Bahner <bahner@debian.org>, for the Debian GNU/Linux system (but may be used by others).June 30, 2002 |