Re: Making the CA database more robust
Thanks, Ken! I appreciate the prompt and helpful response! Xca looks good, but not for what I need. It looks very screen-oriented, and what I'm after is something more like the CA.pl command line interface, but robust in the face of system crashes and concurrent uses. All that said, I'm gratefully going to add xca to my arsenal. For a somewhat different problem, it looks like exactly what I'll need! Does anyone else know of anything more command-liney? Have there been any deliberate decisions made to not link openssl with (say) the berkeley db library, sqlite or libdbi, even as options?Are there licensing issues with any of these? Pardon me while I add a few keywords here: sql ca Certificate Authority database sqlite postgresql mysql. On Nov 23, 2012, at 12:12 PM, Technical Support wrote: Take a look at xca. Its free and one of the best I have seen. Ken InterSoft International, Inc. Voice: 888-823-1541 Fax: 866-701-1260 http://www.netterm.com http://www.securenetterm.com
Making the CA database more robust
Has anyone started (or better yet) completed a project to make the built-in Certification Authority more robust? I've hit my shins a few times on this, once from the lack of concurrency -- yes, I now know (now) that it's documented -- and once because of a system crash at a bad moment -- as near as I can tell. I've looked around for CA software that would store certs and cert statuses and such in a database, but all I've found were front ends to openssl ca and ejbca and openca -- the latter two of which seem like way more than I need. A few searches of the openssl-dev archives didn't show me anything like this. Has anyone done this? Started it? I'd rather not (attempt to) reinvent the wheel….. Thanks for any guidance you can give…. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Making the CA database more robust
Take a look at xca. Its free and one of the best I have seen. Ken InterSoft International, Inc. Voice: 888-823-1541 Fax: 866-701-1260 http://www.netterm.com http://www.securenetterm.com From: Nat Howard open...@track.pupworks.com To: openssl-dev@openssl.org Sent: Friday, November 23, 2012 10:54 AM Subject: Making the CA database more robust Has anyone started (or better yet) completed a project to make the built-in Certification Authority more robust? I've hit my shins a few times on this, once from the lack of concurrency -- yes, I now know (now) that it's documented -- and once because of a system crash at a bad moment -- as near as I can tell. I've looked around for CA software that would store certs and cert statuses and such in a database, but all I've found were front ends to openssl ca and ejbca and openca -- the latter two of which seem like way more than I need. A few searches of the openssl-dev archives didn't show me anything like this. Has anyone done this? Started it? I'd rather not (attempt to) reinvent the wheel….. Thanks for any guidance you can give…. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
