Hi Geert, The values presented there are retrieved from the parameter "RegistrationAuthority" in <OPENCAHOME>/etc/openca/servers/ca.conf (if I'm not mistaken) they are just list of names that you can choose freely.
This parameter is also contained in pub.conf and ra.conf. the list of values should be the same in all files to avoid confusion. the CSRs are written into the "request" table in the database - each record keeps track of the RA. hth Konrad -----Original Message----- From: Geert Hendrickx [mailto:g...@telenet.be] Sent: 04 October 2010 13:52 To: openca-users@lists.sourceforge.net Subject: [Openca-Users] auto-sign - approved at (RA's) Hi, I'm looking for documentation on the "Approved at <RAs>" config option for the auto certificate issuing daemon. I assume it limits the CA to only auto-sign certificate requests that where approved at certain RA('s)? But how can the CA validate this? Does the RA add a signature to the request when an operator approves it without signing? Also what should be listed in this option? Hostnames? RA certificate DN's? Geert PS: can revocation requests be automatically signed, too? -- Geert Hendrickx -=- g...@telenet.be -=- PGP: 0xC4BB9E9F This e-mail was composed using 100% recycled spam messages! ---------------------------------------------------------------------------- -- Virtualization is moving to the mainstream and overtaking non-virtualized environment for deploying applications. Does it make network security easier or more difficult to achieve? Read this whitepaper to separate the two and get a better understanding. http://p.sf.net/sfu/hp-phase2-d2d _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users ------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today. http://p.sf.net/sfu/beautyoftheweb _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
