> On 25 Feb 2017, at 17:36, Oliver Welter <[email protected]> wrote:
> 
> Shared Database: If you can accept a shared database, you can modify the 
> default csr workflows so the RA side stops when it comes to signing and a 
> scheduler on the CA side takes over.


So in theory - can I simply install OpenXPKI on one internal and one public 
machine with shared database and leave the CA keys and passwords only on the 
internal one? Admins will only access the internal one,
users will only access the public one, so this should just work...?

What steps can I take to limit the access of the public instance to secrets in 
this scenario? I'm thinking about ca-generated private keys in particular (not 
sure what else is there to protect). I don't know yet whether I want
those downloadable from the public instance at all.
If an attacker gains complete access to the public instance, what can he do? 
Looks to me like he'll be able to access all the ca-generated private keys and 
then it comes down to how good a password was used when creating the request. 
Is that it?

I haven't fully understood what "datasafe" protects, just that it uses both 
asymmetric and symmetric keys (it probably isn't easily possible to only encrypt 
on the public instance and decrypt on the internal one?)
I don't know what leaving that on the public instance would mean.

Am I on the right track here? :)

And I must say that so far everything I tried "just worked", which is pretty 
amazing.

Thanks

Jan


_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users