Majic Projects ~ [CLOSED] GC-3 - Ability to initialise CA hierarchy

Majic Projects

Gimmecert

Projects
Wiki
- Quick links
- Wiki
- Project wikis
- Conntrackt
- Django Pydenticon
- Gimmecert
- Majic Ansible Roles
- Pydenticon
- Scripts
- Global content

You are not logged in

Gimmecert / Closed Feature request GC-3 Ability to initialise CA hierarchy

Votes

This issue has been closed with status "Closed" and resolution "RESOLVED".

- No additional actions available

Issue basics

Type of issue

Feature request Unknown issue type
Issue label

No label set
Category

Not determined
Targetted for

0.1.0 Not determined
Status

Closed

Status not determined
Progress
Priority

Not determined

Affected by this issue (0)

There are no items

People involved

Posted by
branko (@branko)

Branko Majic
@branko

Last seen online at Apr 20, 2024 - 08:59

Show user details
Owned by

Not owned by anyone
Assigned to
branko (@branko)

Branko Majic
@branko

Last seen online at Apr 20, 2024 - 08:59

Show user details
Not assigned to anyone
Subscribers

0 subscriber(s)

Click here to show the list of subscribers

Times and dates

Posted at

Feb 21, 2018
Last updated

Mar 02, 2018
Estimated time

4 hours Not estimated
Time spent

16 hours No time spent

Click here to see time logged against this issue

Issue details

Resolution

RESOLVED Not determined
Reproducability

Not determined
Severity

Not determined

Attachments (0)

There is nothing attached to this issue

Child issues (0)

This issue does not have any child issues

Duplicate issues (0)

This issue does not have any duplicates

Show / hide more details »

Description

In order to successfully issue end entity (server/client) certificates, it must be possible to initialise a CA hierarchy. Hierarchy initialisation should be kept as simple as possible.

The following should be done:

Implement initialisation command.
Initialisation command should:
- Set-up the necessary directories.
- Generate the necessary CA private keys.
- Issue the necessary CA certificates.
- Provide user with information on what has been created.
Initialisation command should support the following options:
- Base name for the issued CA certificates. Base name should default to current working directory name.
- CA hierarchy depth. Default should be 1 (just the root).
Initialisation command should be implemented with the following constraints in mind:
- Don't be destructive. If the hierarchy has already been created, show a warning to user, instructing them to remove directory first, and do not overwrite any data.
- Artifacts should be stored within a sub-directory called .gimmecert.
- CA certificate subject DN should be of format CN=BASE Level N CA, where BASE is the base name, and N is the level of CA (level 1 for root, level 2 for CAs signed by root etc).
Documentation should cover:
- Simple command use, without providing any parameters.
- Complex command use, showing how to specify custom base name and hierarchy depth.
- Directory and file layout structure of generated artifacts.

Todos (0 / 0)

Options

There are no comments

Welcome to The Bug Genie

Log in with your username and password