Hi all,

The attached patches implement replication support for lightweight
CAs. These patches do not implement key replication via Custodia
(my next task) but they do implement the persistent search thread
and appropriate** API behaviour when the signing keys are not yet
available.

** In most cases, we respond 503 Service Unavailable; this is open
for discussion. ca-authority-find and ca-authority-show include
a boolean field indicating whether the CA is ready to sign.

There might be (probably are) endpoints I've missed.

Cheers,
Fraser