RE: [ssl-users] port the TXT_DB to SQL server

Sat, 25 Apr 1998 05:48:10 -0400 


-----Original Message-----
De: xjin <[EMAIL PROTECTED]>
Para: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Fecha: jueves 23 de abril de 1998 12:39
Asunto: [ssl-users] port the TXT_DB to SQL server


>Hi,
>
>As you know, SSLeay stores some information about applicants'
>certificates using a plain
>text file. When this index.txt file is destroyed by intruders or by
>accident a CA will lose
>all the information about applicants' certificates.
>
>A practical method is to porting the text DB to some real DB such as SQL
>server (
>MySQL or mSQL are the first selection for researching purpose, I think).
>So is there
>anyone interesting in this subject? Can anybody give me some suggestions
>in this subject?
>
Hi!,

    We need something very similar. We develop a system to send secured and
signed files. We are now integrating with SSL, and need a CA database. We
need a GUI to the database an implement a new CA database, using our own
files. Then we developed a new X509_LOOKUP_METHOD to search the CA's in out
database, and add a new method to the cert store with.
    lookup =
X509_STORE_add_lookup(m_ctx->cert_store,X509_LOOKUP_hash_icdb());

We tell the new LookUpMethod where the database is with something like this

    LookupMethodSetDB(lookup, pICDB); // pICDB /Ptr to IC DataBase (IC is
for InterComputer our Enterprise's name)

    The new X509_LOOKUP_METHOD implement the following methods

static X509_LOOKUP_METHOD x509_icdb_lookup=
{
     "Load certs from IcDataBase Object",
     (int (*)(void))NewCertDB,  /* new */
     (void (*)(void))FreeCertDB,  /* free */
     NULL,       /* init */
     NULL,      /* shutdown */
     NULL,      /* ctrl */
     (int (*)(void))GetCertBySubject, /* get_by_subject */
     NULL,      /* get_by_issuer_serial */
     NULL,      /* get_by_fingerprint */
     NULL,      /* get_by_alias */
};

And GetCertBySubject is similar with the hash_dir method, except for use the
member functions of our class (ICDB).

I hope this can help you.

See U!


PD: (Please excuse my poor spanished English :)





+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/  |
+-------------------------------------------------------------------------+

Reply via email to