On Tue, Feb 06, 2001 at 08:21:17PM +0100, Massimiliano Pala wrote:
> Konstantinos Agouros wrote:
>
> > I actually just managed today to get a cisco-router borrowed for testing
> > this. So give me a month to see what the cisco wants to know and we can
> > get this working. Actually I think that one can make good consulting money
> > from customers, who don't want to buy Entrust \:)))
>
> News in the new OpenCA structure will hopefully make your work lighter,
> let me know if you want to test the new structure... please take note
> that much work have to be done...
As always \:)
>
> I suggest you to take a look at the new modules ( X509, REQ, PKCS7, CRL,
> etc... ) to get familiarity with the used structures...
I guess (if I remember correctly) the PKCS7 and the CRL-stuff will be most
important.
First of all I will do a little cgi-debugging, to see, what the router
is actually sending. If I understood the Cisco implementation correctly,
one needs a way to retrieve a ca-certificate (there aren't so many ways to
do this \:), to retrieve a crl via ldap (is there a standard-way for this)
and to start a certificate request and retrieve the signed certificate.
These are all thing that openCA can do already one (I guess that's me \:)
just has to find out, how a cisco-router does this.
Konstantin
>
> C'you,
>
> Massimiliano Pala ([EMAIL PROTECTED])
--
Dipl-Inf. Konstantin Agouros aka Elwood Blues. Internet: [EMAIL PROTECTED]
Otkerstr. 28, 81547 Muenchen, Germany. Tel +49 89 69370185
----------------------------------------------------------------------------
"Captain, this ship will not sustain the forming of the cosmos." B'Elana Torres
_________________________________________________________________
OpenCA - Users Support Mailing List [EMAIL PROTECTED]
