debian man page for pyca

Debian Man Pages All Man Pages Latest Topics Forum Categories

Query: pyca

OS: debian

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

pyca(8) 						      System Manager's Manual							   pyca(8)


NAME

       pyca - CA written in python


DESCRIPTION

       The  scripts  in this suite are basically wrappers around openssl(1). Additionally the scripts integrates the generic CA-functionality with
       the mail-system and apache for handling certificate requests; with LDAP for handling distributing certificates and  revocation  lists;  and
       cron for maintenance tasks.


PROGRAMMES

       pickle-cnf.py
	      Create  a pickled copy the OpenSSL configuration object for faster reading of the configuration. The pickle-file name is the name of
	      the OpenSSL configuration file plus .pickle.

       ca-make.py
	      Generate a CA hierarchy, all necessary files and directories and all initial CRLs (see also signedby extension in OpenSSL configura-
	      tion file). This is intended to be run under user root since it sets the ownership and permissions.

       ca-certreq-mail.py
	      Handles  the  mail  dialogue  after  certificate	request.  The  SPKAC certificate request and LDIF data is moved from the directory
	      pend_reqs_dir to new_reqs_dir. Set this script in your /etc/aliases, procmailrc or similar to receive mails for the  address  speci-
	      fied in caCertReqMailAdr.

       ca-cycle-pub.py
	      This  script  is typically run by the CA admin user via CRON or a similar task manager on a networked system holding the public cer-
	      tificate data. It does several jobs:

	      * Publish new certificates and inform user via e-mail where to download his certificate

	      * Remove stale certificate requests from pend_reqs_dir.

	      *  Spool certificate requests and certificate revocation requests to the system holding the CA's private keys. (not implemented yet)

	      *  Spool certificates and certificate revocation lists from the system holding the CA's private keys. (not implemented yet)

       ca-cycle-priv.py
	      This script is run on the system where the private keys of the CA are stored. It does several jobs:

	      * Mark expired certificates in OpenSSL certificate database

	      * Generate new CRLs, move old CRLs to archive (not implemented yet)

	      * Process certificate requests and certificate revocation requests (not implemented yet)

	      * Spool certificate database, issued certificates and CRLs to public WWW and LDAP server (not implemented yet)


SEE ALSO

       pyca(1)

       The programs are documented fully by the HTML documents in /usr/share/doc/pyca/htdocs/


COPYRIGHT

       Copyright (C) 2001 - 2003 Michael Stroeder <michael@stroeder.com>

       This software including all modules is Open Source and given away under: GPL (GNU GENERAL PUBLIC LICENSE) Version 2.

       The author refuses to give any warranty of any kind.


AUTHOR

       Michael Stroeder <michael@stroeder.com>

       This manual page was written by Lars Bahner <bahner@debian.org>, for the Debian GNU/Linux system (but may be used by others).

								   june 30, 2002							   pyca(8)
Related Man Pages
eurephiadm-certs(7) - debian
strongimcv_pki(1) - centos
x509(3openssl) - opensolaris
openssl_x509(3) - netbsd
nseq(1ssl) - xfree86
Similar Topics in the Unix Linux Community
procmailrc
Spool / Spool off
Check for proper e mail id format
Negative Numbers and If Statements
Bash Courses in Bay Area?