Hi Tomas, > I need to learn more about PKI in order to test a small system that > acts as a PKI client. The client uses X.509v3 certificates, depends on > trust chains and uses OCSP to check certificate status. I also need a > lab PKI setup in order to later perform the tests. I have just spent > some days trying to install and configure openca 0.9.3 RC1 but now > learnt about openxpki. As activity seems to be higher in your project, > I wonder whether I should try openxpki instead. I have understand that > some openxpki developers previously participated in openca development > and that openxpki to some extent is based on openca, so I hope someone > on this list can help me with a recommendation. > > I have no need for a "production stable" system but really need a > quick start and not too much bugs. > > If you recommend openxpki, as you don't have any release yet, > should I > then best use a snapshot or work from the svn trunk in order to > quickly > get any bugfixes?
well, OpenXPKI was started by the guys that formed the core development team of OpenCA. Unfortunately we had some quarrels with the project founder which ultimately lead to the launch of OpenXPKI. To answer your question: OpenXPKI is maturing, and it is very possible to set up a test CA without much effort. In fact we'd really appreciate if you tried it and gave us feedback. So if you want to try it out please feel welcome, we are going to help you setting your system up. I guess we will also learn a lot about user requirements this way. (Note that OCSP is not yet supported by OpenXPKI, but it you can either create a standalone OCSP responder, or we can add OCSP support to the project.) If you try it out, use the SVN head revision. High-level overview: - install the Perl dependencies (lots of packages) - install the OpenXPKI core modules (trunk/perl-modules/core/trunk) - install the Client base module (trunk/clients/perl/OpenXPKI-Client) - install the web frontend module (trunk/clients/perl/OpenXPKI-Client- HTML-Mason) - install the deployment module (trunk/deployment) Then run the deployment procedure openxpkiadm deploy and follow the instructions openxpkiadm initdb initializes your database Create and import some CA certificates. (openxpkiadm certificate import) openxpkictl start will start the server if is configured properly. After you have configured your web server properly, you will be able to access the web frontend. cheers and welcome aboard, Martin ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ OpenXPKI-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-devel
