diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/server/plugins/generators/sslca.txt | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/doc/server/plugins/generators/sslca.txt b/doc/server/plugins/generators/sslca.txt index 17f936ffc..cfc01efe1 100644 --- a/doc/server/plugins/generators/sslca.txt +++ b/doc/server/plugins/generators/sslca.txt @@ -51,3 +51,46 @@ Getting started #. Enjoy. + +==== +TODO +==== + +V1.0 - Only handles localhost.key and localhost.crt, therefor +assuming we only care about a cert for www, or all ssl services +will use the same cert + +Initialiazation: +Grab options from bcfg2.conf +load cakey, cacert +cache other options + +Req comes in for key & cert +If key exists: + load key + cache key + return key +Else: + gen key + cache key + save key + return key +If cert exists: + load cert + If fails to verify against key: + gen cert + save cert + return cert + If aliases fail don't match + gen cert + save cert + return cert + return cert +Else: + gen cert + save cert + return cert + +V2.0 - Maybe create additional types, SSLCertPath, SSLKeyPath, +to allow generation of multiple certs/keys in arbitrary locations + |