diff options
author | Graham Hagger <g.hagger@gmail.com> | 2010-10-22 15:15:03 -0400 |
---|---|---|
committer | Graham Hagger <g.hagger@gmail.com> | 2010-10-22 15:15:03 -0400 |
commit | df1d94eda634e2f00757af19b70e1abb6b1b98a2 (patch) | |
tree | 14bb8087105a0cb9fb195626efd31b7ca5ed2437 /doc | |
parent | 416162c37c0b30cf42db1b7bd86bf5e15ff61284 (diff) | |
download | bcfg2-df1d94eda634e2f00757af19b70e1abb6b1b98a2.tar.gz bcfg2-df1d94eda634e2f00757af19b70e1abb6b1b98a2.tar.bz2 bcfg2-df1d94eda634e2f00757af19b70e1abb6b1b98a2.zip |
moved some sslca docs around
Diffstat (limited to 'doc')
-rw-r--r-- | doc/server/plugins/generators/sslca.txt | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/doc/server/plugins/generators/sslca.txt b/doc/server/plugins/generators/sslca.txt index 17f936ffc..cfc01efe1 100644 --- a/doc/server/plugins/generators/sslca.txt +++ b/doc/server/plugins/generators/sslca.txt @@ -51,3 +51,46 @@ Getting started #. Enjoy. + +==== +TODO +==== + +V1.0 - Only handles localhost.key and localhost.crt, therefor +assuming we only care about a cert for www, or all ssl services +will use the same cert + +Initialiazation: +Grab options from bcfg2.conf +load cakey, cacert +cache other options + +Req comes in for key & cert +If key exists: + load key + cache key + return key +Else: + gen key + cache key + save key + return key +If cert exists: + load cert + If fails to verify against key: + gen cert + save cert + return cert + If aliases fail don't match + gen cert + save cert + return cert + return cert +Else: + gen cert + save cert + return cert + +V2.0 - Maybe create additional types, SSLCertPath, SSLKeyPath, +to allow generation of multiple certs/keys in arbitrary locations + |