Abstract certificate operations
Bug #1463757 reported by
Stanislaw Pitucha
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Anchor |
Fix Released
|
Medium
|
Stanislaw Pitucha | ||
Bug Description
Move the current certificate operations into a module for "local" operations. This opens the way to configuring additional backends, like HSMs.
The backend selection should be possible in the configuration.
Revision history for this message
| Stanislaw Pitucha (stanislaw-pitucha) wrote | #1 |
Revision history for this message
| Stanislaw Pitucha (stanislaw-pitucha) wrote | #2 |
| Changed in anchor: | |
| assignee: | nobody → Stanislaw Pitucha (stanislaw-pitucha) |
| status: | Triaged → In Progress |
| Changed in anchor: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
Not all operations need to be moved. Parsing and validation of CSRs are completely independent from the signing. It's the sign function itself which needs to be abstracted. This can be easily separated by "module.path:func" options to the CA configuration section.