summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorGraham Hagger <g.hagger@gmail.com>2010-10-22 15:15:03 -0400
committerGraham Hagger <g.hagger@gmail.com>2010-10-22 15:15:03 -0400
commitdf1d94eda634e2f00757af19b70e1abb6b1b98a2 (patch)
tree14bb8087105a0cb9fb195626efd31b7ca5ed2437 /doc
parent416162c37c0b30cf42db1b7bd86bf5e15ff61284 (diff)
downloadbcfg2-df1d94eda634e2f00757af19b70e1abb6b1b98a2.tar.gz
bcfg2-df1d94eda634e2f00757af19b70e1abb6b1b98a2.tar.bz2
bcfg2-df1d94eda634e2f00757af19b70e1abb6b1b98a2.zip
moved some sslca docs around
Diffstat (limited to 'doc')
-rw-r--r--doc/server/plugins/generators/sslca.txt43
1 files changed, 43 insertions, 0 deletions
diff --git a/doc/server/plugins/generators/sslca.txt b/doc/server/plugins/generators/sslca.txt
index 17f936ffc..cfc01efe1 100644
--- a/doc/server/plugins/generators/sslca.txt
+++ b/doc/server/plugins/generators/sslca.txt
@@ -51,3 +51,46 @@ Getting started
#. Enjoy.
+
+====
+TODO
+====
+
+V1.0 - Only handles localhost.key and localhost.crt, therefor
+assuming we only care about a cert for www, or all ssl services
+will use the same cert
+
+Initialiazation:
+Grab options from bcfg2.conf
+load cakey, cacert
+cache other options
+
+Req comes in for key & cert
+If key exists:
+ load key
+ cache key
+ return key
+Else:
+ gen key
+ cache key
+ save key
+ return key
+If cert exists:
+ load cert
+ If fails to verify against key:
+ gen cert
+ save cert
+ return cert
+ If aliases fail don't match
+ gen cert
+ save cert
+ return cert
+ return cert
+Else:
+ gen cert
+ save cert
+ return cert
+
+V2.0 - Maybe create additional types, SSLCertPath, SSLKeyPath,
+to allow generation of multiple certs/keys in arbitrary locations
+