I have eight different RA servers in very different places. Each one will have the public interfaces (ldap, ra, node).
Since I don't want to have a single point of failure, I would like all of them to have a local database to keep their own requests, so that the failure of one machine can not render the whole thing inoperable.
And then, I would like the CA server to get all the information via ssh (an almost offline CA).
I can make sure the serials do not conflict with the module_ID, right?
So, I would like all hosts to contact the database at localhost.
Can you give me some advice on this?
PS - What is the difference between 2.2 and 2.3?
Michael Bell wrote:
Nuno Miguel Neves wrote:
I want to configure 8 different RA/public interfaces with openca-0.9.1-7.
I have to givem them different IDs, I know, but something is puzzling me.
If I request a certificate in PUB n. 3, How do the other RA know about it?
There are several different things:
1. It is not required that every RA know the request from Pub 3.
2. Which database organization do you plan?
2.1. one central online database
2.2. several parallel online database
2.3. a hierarchical organization of online databases
3. The serials cannot conflict.
4. Parallel databases only know this request if the request is sent from a higher database down to the lower databases during export.
And when I sign a request, how do I transfer that to the CA machine?
Via the normal dataexchange.
Do I have to configure dataexchange with every RA?
Again first you have to describe the database architecture and how do you want to organize your interfaces. The easiest way is a description of your plans.
Michael
--
[EMAIL PROTECTED] Dept. Informatica, Fac. Ciencias,
|\ | |\ | Tel: +351 21 7500528 Univ. Lisboa, Bloco C5, Campo Grande
| \|uno | \|eves Fax: +351 21 7500084 1700 Lisboa, Portugal
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
