Alexei Chetroi a �crit :
On Sat, Mar 05, 2005 at 10:31:01AM +0100, M.-A. DARCHE wrote:
I haven't configured anything concerning the database backend apart
specifying the --enable-db and --enable-dbi options.
Since I haven't created any SQL database by hand and haven't configured
any connection information, it seems thus logical that my setup uses the
DB files database.
There's config.xml file in $etc-prefix. You should edit it 1st and
after that run configure_etc.sh script to update configuration. By
default IIRC it uses DB files indeed, but I had problems with DB files
in the past. So I suggest you to try DBI module and postgres/mysql
I'm now quite used to very often modify config.xml and regenerate
the config files with configure_etc.sh :-)
But thanks for pointing it out :-)
My point was to setup a 2 separate servers in the simplest configuration
possible first. Then I will need an LDAP backend.
Want to simulate ca and ra as separate servers? Than imho you should
do two installs with different --prefix-es and use one instance of
postgres/mysql, but with different databases for ca and ra.
I didn't send the other configure options I use for the CA server sorry,
but yes they are different. I try to do the cleanest and more logical
install possible.
So your advise is go for LDAP now, isn't it?
No. LDAP, if I understand correctly, is used for CDP (certificate
distribution point) and CRL storing. I advice you to use SQL database
instead of DB files.
Thanks for this peace of information. I had clearly misunderstood this
point.
So I should build and use SQL database on both CA and RA servers,
and build and use LDAP directory on the RA server? Is that correct?
Actually me and Piotr are currently working on debian packages, but
still have to do some work. See openca-devel maillist archives for last
month for more information. In attached file is debian diff I use for
building, but there's a work in progress so it may not to build
correctly.
I'll read your work with lots of interest! I bet you will make lots of
happy users!
Again, thanks a lot.
--
Marc-Aur�le DARCHE
NUXEO (Paris, France) http://nuxeo.com
Nuxeo Collaborative Portal Server http://www.nuxeo.com/cps
Gestion de contenu web / portail collaboratif / groupware / open source
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
