-
Alain Takoudjou authored
The CA python egg is here: https://lab.nexedi.com/vpelletier/caucase instance-certificate-authority.cfg.jinja2.in deploy a CA server which expose an API on HTTP, all request are done using GET, PUT, DELETE and POST on that API. CA server use ngix + gunicorn (for wsgi) Auth server is an apache httpd which validate client certificate for authentification. It autmatically request a signed certificate to CA and use it in apache configuration. client request will be validated using: SSLVerifyClient require in apache config The CA expose two URL: ${certificate-authority-server:url} which is https URL used to access admin interface ${certificate-authority-server:insecure-url} is the HTTP url which can be used to post csr and download certificate
dbcb00d2