From df1d94eda634e2f00757af19b70e1abb6b1b98a2 Mon Sep 17 00:00:00 2001
From: Graham Hagger <g.hagger@gmail.com>
Date: Fri, 22 Oct 2010 15:15:03 -0400
Subject: moved some sslca docs around

---
 doc/server/plugins/generators/sslca.txt | 43 +++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

(limited to 'doc')

diff --git a/doc/server/plugins/generators/sslca.txt b/doc/server/plugins/generators/sslca.txt
index 17f936ffc..cfc01efe1 100644
--- a/doc/server/plugins/generators/sslca.txt
+++ b/doc/server/plugins/generators/sslca.txt
@@ -51,3 +51,46 @@ Getting started
 
 #. Enjoy.
 
+
+====
+TODO
+====
+
+V1.0 - Only handles localhost.key and localhost.crt, therefor
+assuming we only care about a cert for www, or all ssl services
+will use the same cert
+
+Initialiazation:
+Grab options from bcfg2.conf
+load cakey, cacert
+cache other options
+
+Req comes in for key & cert
+If key exists:
+    load key
+    cache key
+    return key
+Else:
+    gen key
+    cache key
+    save key
+    return key
+If cert exists:
+    load cert
+    If fails to verify against key:
+        gen cert
+        save cert
+        return cert
+    If aliases fail don't match
+        gen cert
+        save cert
+        return cert
+    return cert
+Else:
+    gen cert
+    save cert
+    return cert
+
+V2.0 - Maybe create additional types, SSLCertPath, SSLKeyPath,
+to allow generation of multiple certs/keys in arbitrary locations
+
-- 
cgit v1.2.3-1-g7c22