Bug#157711: RFP: openca -- Full featured opensource X.509 CA
Package: wnpp
Version: N/A; reported 2002-08-21
Severity: wishlist
* Package name : openca
Version : 0.9.x
Upstream Author : Tommaso Cucinotta, etc.
* URL : http://www.openca.org/openca/
* License : Apache Style License
Description : Full featured opensource X.509 CA
This is a full featured, web based CA, with support for breaking the
task up into multiple modules (so the actual part of the CA for instance
can live on a disconnected computer for increased security). It also
supports stuff like CRLs for revocation, storing certificates in LDAP,
and controlling access to different functions based on the adminstrators
authenticated key (if correctly configured using HTTPS).
I have preliminary packages online at
<URL:http://snoopy.apana.org.au/~ftp/debian/pool/openca/> (from CVS),
but don't have time to test these or keep them up to date.
Also, it is possible that someone else might be able to improve on my
hacked configuration scheme (upstream rely on configure to do run time
configuration; also some configuration files are altered at run time and
should not automatically get replaced, altered, or added when upgrading
due to security reasons).
It requires the CVS version of openssl. This shouldn't be as difficult
as it might appear at first, all that is required is a copy of
/usr/bin/openssl (could be renamed to openssl-cvs), and no shared
libraries seem to be required.
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux snoopy 2.4.18 #1 Thu Jul 11 16:32:07 EST 2002 i686
Locale: LANG=C, LC_CTYPE=
Reply to: