Hello, I am acting as my own cert authority so the index.txt file is constantly being updated as I generate new certs. However, I have noticed that things like the DB_file field are never used in the CA program.
Is it safe for me to write some custom code that will take advantage of that field? For example, if a client is connecting and I already have a cert for it, I'd like to be able to load the Cert based on the filename (that still exists on the drive somewhere). It'd be nice to be able to do that DB lookup, find the filename, load the cert, and return. It doesnt look like OpenSSL actually has anything like that already in it, so I'm not sure what people are doing in production environments with a bunch of certs. The closest thing I can find to what I am talking about is the CRL tool, however, that seems to just be concerned with updating the list, not actually serving back up the cert or anything. Thanks in advance for any tips.