SCEP enhancements in Datadog
by Matouš Borák
Hello all,
I am a consultant-developer and I’m currently trying to add a few features to Dogtag SCEP for one of my clients (as has already been briefly mentioned in this list before - https://www.redhat.com/archives/pki-devel/2019-December/msg00009.html).
I am a newbie here so I thought I’d rather coordinate my efforts with you first so that the changes can hopefully be merged to Datadog code.
In general, is it OK if I just open a few Pull Requests in the Dogtag PKI Github repository? (I will be ready for cooperation on the code review.)
The features the I am trying to implement in the Dogtag SCEP servlet, are:
• add support for dynamically chosen certificate profile instead of the hardwired one (caRouterCert) - I have the code changes ready to open a PR
• add support for the GetCACaps operation
• add support for certificate renewal via SCEP
• allow multiple passwords per UID in the flatfile
• and possibly a few others...
Thanks!
Matous Borak
2 years, 7 months
Hello PKI Team
by Sagheer Ali M
Hello PKI Team
I realized that you are one of the best contributors of dogtagpki
open-source project from the github.
https://github.com/dogtagpki/pki
And then, I know your team have too many issues to resolve.
https://pagure.io/dogtagpki/issues
I hope to be also the contributor of dogtagpki project. So I will be
appreciate it if you help me to participate into your project and hope
to make dogtagpki will be world's best PKI solution.
I have already signed-up on pki-devel mailing list.
I have rich experience in PKI and Cryptographic fields and solutions.
I have already worked on several projects including patching new
cryptographic algorithms, customization SSL/TLS mechanism, and issuing
X.509 certificate based on specialized signing profile.
And I have good knowledge for developing open-source PKI such as Open
SSL, Open CA, RHCA.
I have worked on developing to customize PKCS#11 module of NSS (Firefox
Security Module), and gpkcs11.
All web browsers (not Firefox) use windows cryptographic library
interface and windows CryptoAPI is based on CSP (Crypto Service
Provider) to manage PKCS#11 stores.
But, only Mozilla Firefox use self-security library, called "NSS" and
also this library has self PKCS#11 interface and manage all DC with
software PKCS#11 token.
Additionally:
I have already known open-source crypto libraries such as OpenSSL, NSS,
GnuTLS, CryptoLIB.
I am looking forward to discussing it with you soon.
Thanks in advance.
Skype: live:.cid.8742968897360181
Email: alisahheer1008(a)gmail.com
2 years, 7 months
