pyca(1) General Commands Manual pyca(1)
NAME
pyca - CA written in python
DESCRIPTION
The scripts in ths suite are basically wrappers around openssl(1). Additionally the scripts integrates the generic CA-functionality with
the mail-system and apache for handling certificate requests; with LDAP for handling distributing certificates and revocation lists; and
cron for maintenance tasks.
PROGRAMMES
ca2ldif.py
Write CA certificates and CRLs to a LDIF file. This is intended for initially setting up the CA entries not for daily CRL update.
The entries are of objectclass certificationAuthority and contain the attributes cACertificate;binary, authorityRevocation-
List;binary and certificateRevocationList;binary. This might require extending schemas on LDAPv2 servers. Have a look at your LDAP
servers configuration documentation.
certs2ldap.py
Send all certs and CRLs to a LDAP repository.
copy-cacerts.py
Copy all CA certificates defined in an OpenSSL configuration to a bundled PEM file or a directory with hash-named symbolic links.
This is quite handy in conjunction with ApacheSSL or Apache with mod_ssl for copying the files for SSLCACertificateFile or SSLCACer-
tificatePath.
ns-jsconfig.py
Create Javascript code containing all CA certificates defined in an OpenSSL configuration for use with the Netscape admin tool (cre-
ating netscape.cfg).
print-cacerts.py
This simple script prints all CA certs on stdout. It is intended to generate authentic printouts (on paper!) of the CA certs finger-
prints and is typically run on the private CA system. Choose the option --html to generate nicer formatted HTML-output instead of
the default textual output in ISO-8859-1.
ns-jsconfig.py
Create a Javascript file to be included in a Netscape configuration file (netscape.cfg).
SEE ALSO
pyca(8)
The programs are documented fully by the HTML documents in /usr/share/doc/pyca/htdocs/
COPYRIGHT
Copyright (C) 2001 - 2003 Michael Stroeder <michael@stroeder.com>
This software including all modules is Open Source and given away under: GPL (GNU GENERAL PUBLIC LICENSE) Version 2.
The author refuses to give any warranty of any kind.
AUTHOR
Michael Stroeder <michael@stroeder.com>
This manual page was written by Lars Bahner <bahner@debian.org>, for the Debian GNU/Linux system.
june 30, 2002 pyca(1)