pyca - CA written in python
The scripts in ths suite are basically wrappers around openssl(1)
Additionally the scripts integrates the generic CA-functionality with the
mail-system and apache for handling certificate requests; with LDAP for
handling distributing certificates and revocation lists; and cron for
- Write CA certificates and CRLs to a LDIF file. This is
intended for initially setting up the CA entries not for daily CRL update.
The entries are of objectclass certificationAuthority and contain the
attributes cACertificate;binary, authorityRevocationList;binary and
certificateRevocationList;binary. This might require extending schemas on
LDAPv2 servers. Have a look at your LDAP servers configuration
- Send all certs and CRLs to a LDAP repository.
- Copy all CA certificates defined in an OpenSSL
configuration to a bundled PEM file or a directory with hash-named
symbolic links. This is quite handy in conjunction with ApacheSSL or
Apache with mod_ssl for copying the files for SSLCACertificateFile or
defined in an OpenSSL configuration for use with the Netscape admin tool
- This simple script prints all CA certs on stdout. It is
intended to generate authentic printouts (on paper!) of the CA certs
fingerprints and is typically run on the private CA system. Choose the
option --html to generate nicer formatted HTML-output instead of the
default textual output in ISO-8859-1.
configuration file (netscape.cfg).
The programs are documented fully by the HTML documents in
Copyright © 2001 - 2003 Michael Ströder
This software including all modules is Open Source and given away under: GPL
(GNU GENERAL PUBLIC LICENSE) Version 2.
The author refuses to give any warranty of any kind.
Michael Ströder <firstname.lastname@example.org>
This manual page was written by Lars Bahner <email@example.com>, for the
Debian GNU/Linux system.