Re: [Openca-Users] Dataexchange with several RA

Mon, 16 Feb 2004 06:31:07 -0800

Nuno Miguel Neves wrote:
Thanks for your answer. I'll try to explain:

I have eight different RA servers in very different places.
Each one will have the public interfaces (ldap, ra, node).

... and pub.

Since I don't want to have a single point of failure, I would like all of them to have a local database to keep their own requests, so that the failure of one machine can not render the whole thing inoperable.

8x(node, ra, ldap, pub)

And then, I would like the CA server to get all the information via ssh (an almost offline CA).

I can make sure the serials do not conflict with the module_ID, right?

Yes, for example this configuration would work (big numbers are module IDs):

server  node  ra ldap pub
1        101 102  103 104
2        111 112  113 114
...
8        171 172  173 174

Can you give me some advice on this?

Which advice do you need?

PS - What is the difference between 2.2 and 2.3?

The dataexchange model is different. If you have one offline CA database and several (8) parallel online databases then every online database must exchange it's data directly with the CA (means 8 full offline syncs). If you have a hierarchical organization where you sync the CA with one online database and then syncing this online database with all (8) other online databases then you can implement for example the dataexchange with scp which is much easier to handle than floppies, CDs or DATs etc..

Michael
--
-------------------------------------------------------------------
Michael Bell                   Email: [EMAIL PROTECTED]
ZE Computer- und Medienservice            Tel.: +49 (0)30-2093 2482
(Computing Centre)                        Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin                   Email (private): [EMAIL PROTECTED]
Germany                                       http://www.openca.org



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to