Abstract certificate operations
Bug #1463757 reported by
Stanislaw Pitucha
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Anchor |
Fix Released
|
Medium
|
Stanislaw Pitucha |
Bug Description
Move the current certificate operations into a module for "local" operations. This opens the way to configuring additional backends, like HSMs.
The backend selection should be possible in the configuration.
Changed in anchor: | |
status: | In Progress → Fix Released |
To post a comment you must log in.
Not all operations need to be moved. Parsing and validation of CSRs are completely independent from the signing. It's the sign function itself which needs to be abstracted. This can be easily separated by "module.path:func" options to the CA configuration section.