1. 24 May, 2017 1 commit
  2. 16 May, 2017 1 commit
  3. 27 Apr, 2017 1 commit
    • Alain Takoudjou's avatar
      Add new stack certificate authority based on new CA implemetation · dbcb00d2
      Alain Takoudjou authored
      The CA python egg is here: https://lab.nexedi.com/vpelletier/caucase
      instance-certificate-authority.cfg.jinja2.in deploy a CA server which expose an API on HTTP,
      all request are done using GET, PUT, DELETE and POST on that API.
      CA server use ngix + gunicorn (for wsgi)
      Auth server is an apache httpd which validate client certificate for authentification.
      It autmatically request a signed certificate to CA and use it in apache configuration.
      client request will be validated using:
      SSLVerifyClient require in apache config
      The CA expose two URL:
      ${certificate-authority-server:url} which is https URL used to access admin interface
      ${certificate-authority-server:insecure-url} is the HTTP url which can be used to post csr and download certificate