> I'm planning to use OpenCA to run a PKI infrastructure to
> issue credentials. I have a few questions:
>
> 1) Can the CA be configured to publish the CRL to an RA, or can it
> be publish to an ldap?
CA should be offline, so copying the crl to RA is essiential.
LDAP publishing is implemented too.
> 2) Are CRL publish automatically everytime a cert are revoked?
No
> 3) Does openCA comes with an ldap directory server?
No
> 4) I would like to enable ocsp service to handle cert revocation checking,
> does this comes with the CA ? Can the OCSP responder be installed on the
RA?
There is a ocsp daemon. As the CA machine should be offline, ocsp has to
be on the RA machine.
Regards Til
PS: Dont write HTML emails!
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
