On Thu, Nov 19, 2009 at 18:25, Mike McGrath <mmcgrath@xxxxxxxxxx> wrote:
I played with koji a while back, and one thought that I had at the time was about getting it to work with certmaster. I would think that based on the description from its product page that it would meet the conceptual requirements:
From https://fedorahosted.org/certmaster/
One part I know it is definitely lacking is the user certificates.
-greg
On Fri, 20 Nov 2009, Mathieu Bridon (bochecha) wrote:I think anything helps, we've been looking at dogtag for a while but
> Hi,
>
> > 20:25 < dgilmore> mmcgrath: id like to try work on updating koji auth/ and notifications during F-13 life cycle
> > 20:26 < ricky> PKI would be nice too :-)
> > 20:26 -!- |pitr| [n=kvirc@xxxxxxxxxxxxx] has joined #fedora-meeting
> > 20:26 < mmcgrath> #idea updating koji auth and notifications
> > 20:26 < mmcgrath> #idea pki (ricky says he'll do this and it'll be done by january)
> > 20:26 < mmcgrath> :-P
> > 20:26 * ricky runs
> [snip]
> > 20:28 < smooge> pki?
> > 20:28 < smooge> sorry.. will talk off chan
> > 20:28 < mmcgrath> smooge: yeah our pki right now is very... ehh manual
> > 20:28 < mmcgrath> and not fun to manage :)
>
> Not sure that's what you're looking for, but the guys I work with have
> created this neat Python module to handle CAs and certs:
> http://bitbucket.org/faide/pki/
>
> It's free software (MIT or PSF).
>
nothing has materialized yet. It's good to keep our options open.
I played with koji a while back, and one thought that I had at the time was about getting it to work with certmaster. I would think that based on the description from its product page that it would meet the conceptual requirements:
From https://fedorahosted.org/certmaster/
- Certmaster is a set of tools and a library for easily distributing SSL certificates to applications that need them
- Certmaster originated in the Func project
- Any application can use certmaster for easy exchange of SSL certificates
- Certmaster has a a python API and command line tool provided ("certmaster-request") for requesting certificates
- A daemon, called "certmaster" is included to hand certificates out
- The tool "certmaster-ca" is used to list certs and sign them when requests come in.
- autosigning of new certificate requests is also supported but is off by default.
- configuration is all done via minimal text files
- certmaster has extensive audit logs of certificate operation
One part I know it is definitely lacking is the user certificates.
-greg
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list