Michael Bell wrote:
>
> Hi,
>
> yesterday evening I run issueCertificate of OpenCA v0.9 successfully for
> the first time. Perhaps you are smiling about this but here is a small
> list with the new features:
Oops, so it was not supposed to work? Then that's why it took me so long,
I guess I had to fix myself a few things, I was confused about the status
of this branch.
> I will start with:
>
> general: new OpenCA::DBI (smaller and faster)
I think what really kills it is OpenCA::OpenSSL, it would greatly benefit
from a little linking to the OpenSSL libraries or, at least, lowering the
cost of OpenCA::X509::initCert a little bit: there is really no need to
call the openssl shell to get DER from PEM or viceversa...
> 1. issuing certs
> 2. CRRs
I have CRRs working on the 0.9 branch, but it would benefit greatly from
clarifying whether it is REVOKE_REQUEST, PENDING_CRR or what. I settled
for PENDING_CRR from RA to CA, I tried APPROVED_CRR but seemed to need
work elsewhere.
Still it needs work in the user interface, the CA does not see a thing
about what it is revoking.
> Be warned - this is a status message only. Don't switch from OpenCA v0.8
> to v0.9. The major advantages will be RBAC, CRRs and a very good
> installation but only the installation is in the beta-phase.
The current installation zaps all configuration files...
That is a major problem in testing.
All the best.
Julio
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
