Greetings all, Background: I am in the process of researching OpenSSL and OpenCA for use in a project that my company is doing. What we are going to be doing is having a Certificate Authority on a secured network (I know, the CA shouldn't be connected to the network but this is not very closed network situation and has nothing to do with browsers.) and use it to issue certificates for devices on the fly. What we'd like to do is to have a port open on the CA box so that we can just make a call on that port and have it issue a certificate based on given information in the request. This certificate would be signed by the CA (CA is a private one using a self-signed root CA certificate) and used by the calling computer to authenticate devices connecting to it.
Our platform is Solaris 8 (Sparc) and we will have an Oracle database on the CA box (if needed for storing issued certs, etc). My question is this: Is the OpenCA package overkill for what we're doing or can it be leveraged in this situation? Would we be better off to just write a Perl script to run as a daemon on the CA box and listen on a port and then call OpenSSL to generate certificates and return them on the original port? Thanks for your time. Jeremy Wiebe > Application Developer > Linnet - The Land Systems Company > Tel: 1-204-957-6452 Fax: 1-204-957-7568 Email: [EMAIL PROTECTED] > 1600-444 St. Mary Avenue, Winnipeg, Manitoba, Canada, R3C 3T1 > http://www.linnet.ca > ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
